IDOR allowing to see other users' entries in wallabag/wallabag

Valid

Reported on

Jan 4th 2023


Description

The entry export functionality is vulnerable to an IDOR (Insecure Direct Object Reference): an authenticated user can request the export of an entry by its id without the application checking that the entry belongs to them.

Proof of Concept

  1. Create a new entry as an existing user. Let's say the entry's id is 1.
  2. Create a new user and log in as them.
  3. Go to http://localhost:8000/export/1.txt.

Impact

An attacker can see other users' entries.
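To make the defect concrete, here is an added illustration (not wallabag's code, and not the fix the maintainers shipped): a minimal export handler that fetches an entry by id alone, as the report describes, beside one that also verifies ownership, plus a regression check that re-enacts the three PoC steps against either handler. All names (EntryStore, export_vulnerable, export_fixed, regression_check) and the in-memory data are hypothetical and constructed for this example.

```python
"""Toy model of the IDOR class in the report: an export endpoint that looks an
entry up by id only, next to one that also checks that the entry belongs to the
authenticated user. Hypothetical names; not wallabag's implementation."""
from dataclasses import dataclass
from itertools import count


@dataclass
class Entry:
    id: int
    owner_id: int
    title: str
    content: str


class NotFound(Exception):
    """Raised for a missing entry, and by the fixed handler for a foreign one."""


class EntryStore:
    """In-memory stand-in for the entries table (constructed for this example)."""

    def __init__(self):
        self._entries = {}
        self._ids = count(1)

    def create(self, owner_id, title, content):
        entry = Entry(next(self._ids), owner_id, title, content)
        self._entries[entry.id] = entry
        return entry

    def get(self, entry_id):
        return self._entries.get(entry_id)


# Renderers keyed by the extension in the URL (/export/1.txt -> "txt").
RENDERERS = {
    "txt": lambda e: f"{e.title}\n\n{e.content}\n",
    "json": lambda e: f'{{"id": {e.id}, "title": "{e.title}"}}',
}


def export_vulnerable(store, current_user_id, entry_id, fmt="txt"):
    """Mirrors the flaw: the caller is authenticated, but the entry is fetched
    by id alone, so any user's id works for any entry."""
    entry = store.get(entry_id)
    if entry is None:
        raise NotFound(entry_id)
    return RENDERERS[fmt](entry)


def export_fixed(store, current_user_id, entry_id, fmt="txt"):
    """Ownership check: the entry must exist AND belong to the current user.
    Missing and foreign entries get the same response so that ids cannot be
    enumerated by telling 403 from 404 (a design choice for this example)."""
    entry = store.get(entry_id)
    if entry is None or entry.owner_id != current_user_id:
        raise NotFound(entry_id)
    return RENDERERS[fmt](entry)


def regression_check(export_fn):
    """Re-enact the PoC: user 1 creates an entry, user 2 requests its export.
    Returns True only if the foreign request is refused while the owner's own
    export still works."""
    store = EntryStore()
    alice, bob = 1, 2
    entry = store.create(alice, "Alice's article", "private notes")
    try:
        export_fn(store, bob, entry.id)  # step 3 of the PoC, as the other user
    except NotFound:
        pass
    else:
        return False  # cross-user read succeeded: IDOR present
    return export_fn(store, alice, entry.id) == RENDERERS["txt"](entry)


if __name__ == "__main__":
    print("vulnerable handler safe:", regression_check(export_vulnerable))
    print("fixed handler safe:     ", regression_check(export_fixed))
```

The regression check is the part worth keeping in a project's test suite: it encodes the report's PoC as an automated test (create as one user, fetch as another, expect a refusal) so that the ownership check cannot silently regress in a later refactor of the export controller.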

We are processing your report and will contact the wallabag team within 24 hours. a year ago
We have contacted a member of the wallabag team and are waiting to hear back a year ago
Kevin Decherf validated this vulnerability a year ago
bAu has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Kevin Decherf (Maintainer), 10 months ago

Vulnerability published on GitHub: https://github.com/wallabag/wallabag/security/advisories/GHSA-qwx8-mxxx-mg96
Fix released in 2.5.3: https://github.com/wallabag/wallabag/releases/tag/2.5.3

Kevin Decherf marked this as fixed in 2.5.3 with commit 0f7460 10 months ago
Kevin Decherf has been awarded the fix bounty
This vulnerability has been assigned a CVE
Kevin Decherf published this vulnerability 10 months ago
wallabag/wallabag maintainer gave praise 10 months ago
Thank you @bauh0lz!
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1