We found results for “”
WS-2021-0109
Date: May 20, 2021
Overview
In `dapps`, version 1.3.0 is vulnerable to `Information Exposure` vulnerability, since the application is routing some specific requests directly without checking whether the application is logged in, and later it redirects to the Login page. Due to this flaw, some information can be viewed without login.Details
The `dapps` module can be abused by `Information Exposure` vulnerability, since the application is routing some specific requests directly without checking whether the application is logged in, and later it redirects to the Login page. Due to this flaw, some information can be viewed without login.PoC Details
Login to the `dapps` application: http://localhost:8000/html/v1/login. After login, open any endpoint from the left pane. Example: http://localhost:8000/html/v1/store/list. Now click Logout, and open the same url: http://localhost:8000/html/v1/store/list Notice that the data is being displayed and suddenly later it redirects to the login page. This issue occurs for all the endpoints: http://localhost:8000/html/v1/store/version# http://localhost:8000/html/v1/store/quick http://localhost:8000/html/v1/store/list http://localhost:8000/html/v1/store/myapp http://localhost:8000/html/v1/dev/index http://localhost:8000/html/v1/store/chat http://localhost:8000/html/v1/store/appupdate http://localhost:8000/html/v1/store/quickAffected Environments
1.3.0Prevention
No fixLanguage: JS
Good to know:
Base Score: |
|
---|---|
Attack Vector (AV): | Local |
Attack Complexity (AC): | Low |
Privileges Required (PR): | None |
User Interaction (UI): | Required |
Scope (S): | Unchanged |
Confidentiality (C): | None |
Integrity (I): | None |
Availability (A): | High |