Mantis Bugtracker
testlink.org

View Issue Details

ID: 0006506
Project: TestLink
Category: Security - General
View Status: public
Date Submitted: 2014-08-14 14:42
Last Update: 2014-09-27 16:42
Reporter: cedric
Assigned To: fman
Priority: normal
Severity: major
Reproducibility: always
Status: closed
Resolution: fixed
Platform: x86_64
OS: Windows
OS Version: 7
Product Version: 1.9.10 (2014 Q1 - bug fixing)
Fixed in Version: 1.9.12 (2014 Q3)
Summary: 0006506: Cross-Site Request Forgery on lib/usermanagement/rolesView.php (CWE-352)
Description: An unauthorized person can trick a user into deleting a role without his knowledge.
Steps To Reproduce:
1. Log in as a valid user.
2. Create an HTML file with this content:

<img src="http://demo.testlink.org/latest/lib/usermanagement/rolesView.php?doAction=confirmDelete&roleid=XXX" style="width:0px;height:0px;" />

* Where XXX is the role ID to be deleted.

3. Open the file with a browser.
Tags: No tags attached.
Database (MySQL, Postgres, etc): MySQL
Browser: Chrome 28
PHP Version: 5.3.3
TestCaseID:
QA Team - Task Workflow Status: READY FOR TESTING
Attached Files:

- Relationships
child of 0006457 (closed, fman): Availables hot-fixes for 1.9.11 & How To get full fixed package from gitorious

- Notes
(0021471)
fman (administrator)
2014-08-15 08:47

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet
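The OWASP cheat sheet linked above describes the synchronizer-token pattern. The following is an added example, not TestLink's own code and not the commit referenced later in this issue, showing how a state-changing action such as confirmDelete can be guarded in PHP: the handler refuses anything but POST (the forged image tag in the report can only issue a GET) and then checks a per-session token with hash_equals. The function names csrf_token, csrf_verify, handle_role_delete and render_confirm_form, the session key _csrf and the form field csrf_token are this example's own choices; delete_role is a hypothetical stand-in for the application's real data-access call.

```php
<?php
// Added example (not TestLink's own fix): synchronizer-token CSRF protection for a
// state-changing action such as the role deletion described in this issue.
// Assumptions: csrf_token(), csrf_verify(), handle_role_delete(), render_confirm_form()
// and the session key '_csrf' are names chosen here; delete_role() is a hypothetical
// stand-in for the application's real data-access call.

declare(strict_types=1);

session_start();

// Issue (or reuse) a per-session token: 32 random bytes -> 64 hex characters.
function csrf_token(): string
{
    if (empty($_SESSION['_csrf'])) {
        $_SESSION['_csrf'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['_csrf'];
}

// Compare the submitted token with the session token in constant time.
function csrf_verify(?string $submitted): bool
{
    if ($submitted === null || empty($_SESSION['_csrf'])) {
        return false;
    }
    return hash_equals($_SESSION['_csrf'], $submitted);
}

// Hypothetical data-access call; the real application would delete the row here.
function delete_role(int $roleId): void
{
    error_log("role {$roleId} deleted");
}

// Handler for the confirmDelete action. Returns an HTTP status code so the
// decision is visible: 405 for a non-POST request, 403 for a missing or wrong
// token, 400 for a bad role id, 200 when the deletion actually happens.
function handle_role_delete(string $method, array $post): int
{
    // 1. A forged <img src="..."> is always a GET; state changes must require POST.
    if ($method !== 'POST') {
        return 405;
    }
    // 2. The token lives in the victim's session; a cross-site page cannot read it,
    //    so a forged POST cannot supply the right value either.
    if (!csrf_verify($post['csrf_token'] ?? null)) {
        return 403;
    }
    $roleId = filter_var($post['roleid'] ?? '', FILTER_VALIDATE_INT);
    if ($roleId === false) {
        return 400;
    }
    delete_role($roleId);
    return 200;
}

// Render the confirmation form with the token embedded as a hidden field.
function render_confirm_form(int $roleId): string
{
    $token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
    return <<<HTML
<form method="post" action="rolesView.php">
  <input type="hidden" name="doAction" value="confirmDelete">
  <input type="hidden" name="roleid" value="{$roleId}">
  <input type="hidden" name="csrf_token" value="{$token}">
  <button type="submit">Delete role</button>
</form>
HTML;
}

// Constructed requests mirroring the report: a GET as sent by a forged image tag,
// a POST without a token, and a legitimate POST carrying the session token.
if (PHP_SAPI === 'cli') {
    $forgedGet      = handle_role_delete('GET',  ['doAction' => 'confirmDelete', 'roleid' => '7']);
    $postNoToken    = handle_role_delete('POST', ['roleid' => '7']);
    $legitimatePost = handle_role_delete('POST', ['roleid' => '7', 'csrf_token' => csrf_token()]);
    echo "forged GET: {$forgedGet}, POST without token: {$postNoToken}, legitimate POST: {$legitimatePost}\n";
    echo render_confirm_form(7);
}
```

Both checks matter: requiring POST alone defeats the image-tag vector from the report but not an auto-submitted cross-site form, which is why the per-session token is verified as well.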
(0021472)
fman (administrator)
2014-08-15 09:16
edited on: 2014-08-15 18:14

Would you mind testing this solution? ATTENTION: CHANGED!!!
https://gitorious.org/testlink-ga/testlink-code/commit/dfcc5df07ccc0bc3d085ee6166e5c6de83fa3855

(0021709)
fman (administrator)
2014-09-27 16:42

Release done

- Issue History
Date Modified | Username | Field | Change
2014-08-14 14:42 cedric New Issue
2014-08-15 08:47 fman Note Added: 0021471
2014-08-15 09:16 fman Note Added: 0021472
2014-08-15 09:17 fman Note Edited: 0021472
2014-08-15 09:17 fman Assigned To => fman
2014-08-15 09:17 fman Status new => feedback
2014-08-15 09:29 fman Relationship added child of 0006457
2014-08-15 18:14 fman Note Edited: 0021472
2014-08-15 18:17 fman QA Team - Task Workflow Status => TBD
2014-09-08 21:25 fman QA Team - Task Workflow Status TBD => READY FOR TESTING
2014-09-08 21:25 fman Status feedback => resolved
2014-09-08 21:25 fman Fixed in Version => 1.9.12 (2014 Q3)
2014-09-08 21:25 fman Resolution open => fixed
2014-09-27 16:42 fman Note Added: 0021709
2014-09-27 16:42 fman Status resolved => closed
2015-09-15 21:09 fman Category Security => Security - XSS
2015-09-15 21:10 fman Category Security - XSS => Security - General