@b33t1e
Created March 30, 2023 02:45
[description]
Forem up to v2022.11.11 was discovered to contain a Cross Site Request Forgery (CSRF)
via the components /articles and /articles/{id}.
>
------------------------------------------
>
[Vulnerability Type]
Cross Site Request Forgery (CSRF)
>
------------------------------------------
>
[Vendor of Product]
https://github.com/forem/forem
>
------------------------------------------
>
[Affected Product Code Base]
forem - <= Version 2022.11.11
>
------------------------------------------
>
[Affected Component]
The API endpoints /articles, /articles/{id} are vulnerable to Cross Site Request Forgery (CSRF) attacks via the main_image parameter.
>
------------------------------------------
>
[Attack Type]
Remote
>
------------------------------------------
>
[Impact Code execution]
true
>
------------------------------------------
>
[Impact Escalation of Privileges]
true
>
------------------------------------------
>
[Impact Information Disclosure]
true
>
------------------------------------------
>
[Attack Vectors]
PoC: send a POST request to the API with "main_image":"http://127.0.0.1:4444/main_image?main_image=ssrf&param=123"
Details: https://notes.sjtu.edu.cn/s/EEEK9r_Gw
>
------------------------------------------
>
[Discoverer]
beet1e
>
------------------------------------------
>
[Reference]
http://forem.com
https://github.com/forem/forem
https://notes.sjtu.edu.cn/s/EEEK9r_Gw
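
The PoC above sets main_image to a loopback URL. As an added example (not Forem's code and not part of the original advisory), this is a destination check an application could run before retrieving a user-supplied image URL, assuming the server fetches main_image itself. The names main_image_url_allowed?, blocked_ip? and the resolver parameter are hypothetical.

```ruby
require "uri"
require "ipaddr"
require "resolv"

# Destinations a server-side image fetch should never reach: loopback,
# RFC 1918 private ranges, link-local, "this network", IPv6 ULA.
BLOCKED_RANGES = %w[
  0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12
  192.168.0.0/16 ::1/128 fc00::/7 fe80::/10
].map { |cidr| IPAddr.new(cidr) }.freeze

# Default DNS lookup; callers (and tests) may inject their own resolver.
DEFAULT_RESOLVER = ->(host) { Resolv.getaddresses(host) }

def blocked_ip?(ip)
  ip = ip.native if ip.ipv4_mapped? # ::ffff:127.0.0.1 is still loopback
  BLOCKED_RANGES.any? { |r| r.family == ip.family && r.include?(ip) }
end

# Returns [true, nil] when the URL may be fetched, else [false, reason].
def main_image_url_allowed?(raw, resolver: DEFAULT_RESOLVER)
  uri = URI.parse(raw.to_s)
  # URI::HTTPS subclasses URI::HTTP, so this admits http and https only.
  return [false, "scheme"] unless uri.is_a?(URI::HTTP) && uri.host
  host = uri.hostname # strips the brackets from IPv6 literals
  addrs = begin
    [IPAddr.new(host)] # the URL carries a literal IP
  rescue IPAddr::InvalidAddressError
    resolver.call(host).map { |a| IPAddr.new(a) }
  end
  return [false, "unresolvable"] if addrs.empty?
  # Reject if ANY resolved address is internal, not just the first one.
  return [false, "internal address"] if addrs.any? { |ip| blocked_ip?(ip) }
  [true, nil]
rescue URI::InvalidURIError
  [false, "invalid URL"]
end
```

The fetch that follows must connect to the address that was validated (and re-run the check on every redirect), otherwise a second DNS lookup can return a different, internal address.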