View Issue Details

ID: 0002074
Project: Composr
Category: [All Projects] General / Uncategorised
View Status: public
Last Update: 2015-12-22 20:32
Reporter: Chris Graham
Assigned To: Chris Graham
Severity: Minor-bug
Status: resolved
Resolution: fixed
Product Version: 9.0.21
Fixed in Version:
Summary: 0002074: Security fix for CSRF vulnerability
Description: There is a CSRF vulnerability for Composr. The vulnerability bypasses our referrer checks for checking forms posted to the system. It allows malicious third-party websites to trick administrators into submitting coded forms (i.e. coded actions) into the system.

The vulnerability only happens in very particular circumstances, which we are not currently disclosing.

The vulnerability can only occur when the administrator already has a confirmed active login session open (not just a cookie login), and only when they are tricked into going to the malicious third-party site somehow. It is nevertheless a serious issue if a knowledgeable hacker desires to directly trick your staff to perform this attack.
Tags: No tags attached.
Time estimation (hours):
Sponsorship: open
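As an added illustration of the class of defence the description refers to, and not Composr's own code nor a description of the undisclosed specifics of this issue: a generic Python sketch of a referrer-only check that tolerates a missing Referer header, a fail-closed Origin/Referer check, and a per-session synchroniser token. The site origin, the three request header sets and the form fields are constructed for the example; no browser capture or Composr request is reproduced.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Constructed for this example: the origin of the site being protected.
SITE_ORIGIN = "https://forum.example"


def origin_of(url):
    """Reduce an absolute URL to scheme://host[:port]; None for anything else."""
    parts = urlsplit(url or "")
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def referrer_check_lenient(headers):
    """Referer-only check that waves a request through when the header is absent.

    Filters like this are common because proxies and privacy settings strip
    Referer from legitimate traffic. The cost is that a cross-site request
    arriving without the header looks identical to a same-site one."""
    referer = headers.get("Referer")
    if referer is None:
        return True
    return origin_of(referer) == SITE_ORIGIN


def referrer_check_strict(headers):
    """Prefer Origin, fall back to Referer, fail closed when neither is present.
    Still only a header check; kept as defence in depth behind the token."""
    for name in ("Origin", "Referer"):
        value = headers.get(name)
        if value:
            return origin_of(value) == SITE_ORIGIN
    return False


def issue_token(session):
    """Mint a per-session synchroniser token and keep it server-side."""
    token = secrets.token_hex(32)
    session["csrf_token"] = token
    return token


def token_check(session, form):
    """A third-party page cannot read the victim's session, so it cannot know
    the token. Constant-time compare avoids leaking it byte by byte."""
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token")
    if not expected or not supplied:
        return False
    return hmac.compare_digest(expected.encode(), supplied.encode())


def authorise_coded_action(headers, form, session):
    """Gate for a state-changing admin action: both checks must pass."""
    return referrer_check_strict(headers) and token_check(session, form)


def run_scenarios():
    """Three constructed requests against a logged-in admin session."""
    session = {"user": "admin"}
    token = issue_token(session)
    scenarios = {
        # Admin submits a form that the site itself served.
        "same_site": (
            {"Origin": SITE_ORIGIN,
             "Referer": SITE_ORIGIN + "/adminzone/index.php?page=example"},
            {"action": "save", "csrf_token": token},
        ),
        # Auto-submitting form on a lure page; the browser reports its source.
        "cross_site_with_referer": (
            {"Origin": "https://lure.example",
             "Referer": "https://lure.example/prize.html"},
            {"action": "save"},
        ),
        # Same lure, but the request arrives with neither Origin nor Referer.
        "cross_site_no_referer": (
            {},
            {"action": "save"},
        ),
    }
    results = {}
    for name, (headers, form) in scenarios.items():
        results[name] = {
            "lenient": referrer_check_lenient(headers),
            "strict": referrer_check_strict(headers),
            "token": token_check(session, form),
            "authorised": authorise_coded_action(headers, form, session),
        }
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:24s} {outcome}")
```

The third scenario is the one worth staring at: the lenient referrer check accepts it, the strict check and the token check both reject it. The token is the actual defence; the header check only narrows the window for tokenless legacy endpoints.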

Activities

Chris Graham

2015-11-12 17:58

administrator   ~0003165

A hotfix (a TAR of files to upload) has been uploaded to this issue. These files are made to the latest intra-version state (i.e. may roll in earlier fixes too if made to the same files) - so only upload files newer than what you have already. Always take backups of files you are replacing or keep a copy of the manual installer for your version, and only apply fixes you need. These hotfixes are not necessarily reliable or well supported. Not sure how to extract TAR files on your Windows computer? Try 7-zip (http://www.7-zip.org/).

Chris Graham

2015-11-15 16:22

administrator  

hotfix-2074%2C 2015-11-12 7pm (1).tar (122,880 bytes)

Chris Graham

2015-11-15 16:22

administrator   ~0003181

The hotfix has just been updated due to a bug.

henrisalo

2015-12-20 17:56

reporter   ~0003254

Could you create new release with fix to this vulnerability? I could request users of Composr to upgrade to that version.

Chris Graham

2015-12-22 20:32

administrator   ~0003255

Yes, we should / now have.
9.0.22 and 8.1.20 are now released.

Issue History

Date Modified | Username | Field | Change
2023-02-26 18:29 | Chris Graham | Category | General => General / Uncategorised