Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 5.2-milestone-1
Affects Version/s: 5.1
Component/s: Message Stream
Labels:
None
Environment:
Apache 7. Mysql 5.5, XWIKI 5.1

Difficulty:
Easy
Documentation:
N/A
Documentation in Release Notes:
N/A
Similar issues:

Description

There is a CSRF Vulnerability on "Send Message" functionality.
Using this we can send any message,select its visibility and also select whether to send to everyone or any particular user.

POC URL: http://localhost:8080/xwiki-enterprise-web-5.1/bin/view/Main/MessageSenderMacro?xpage=plain&xaction=postMessage&messagestream_message=testaaabbbb&visibilityLevel=everyone&targetName=

Using the parameter "messagestream_message" we can customize the message to send.

Using the parameter "visibilityLevel" we can customize the visibility.

Using the parameter "targetName" we can customize whether to send to a particular user or to all followers.

Vulnerability tested on XWIKI 5.1, so lower versions are also affected.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

CSRF_01.jpg
50 kB
24/Jul/13 10:03
CSRF_02.jpg
186 kB
24/Jul/13 10:04

Issue Links

links to

Pull Request

Activity

People

Assignee:: Thomas Delafosse

Reporter:: Abhisek

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Jul/13 10:01

Updated:: 02/Dec/22 10:58

Resolved:: 30/Jul/13 14:22

Date of First Response:: 30/Jul/13 2:22 PM