yahoo-eng-team team mailing list archive

[Bug 1540208] [NEW] CSRF mechanism is not safe.

Public bug reported:

I'm using Burp Suite to check the security of Horizon 8.0.0.0. The CSRF
mechanism is not safe.

I saw: if csrftoken equals csrfmiddlewaretoken ==> the request is
valid.

Example: update a network's name.

The first request:
 - I got csrftoken and csrfmiddlewaretoken: PvVPmsOEqepSWnWgJa1GKYtBxcSXMTu1
 - network's name: attt_net_test_129

Then I changed csrftoken and csrfmiddlewaretoken to "1", and the
network's name value to "attt_net_test_121".

Finally, I sent the request ==> Network is updated successfully. (See attached file.)

** Affects: horizon
     Importance: Undecided
         Status: New

** Attachment added: "112.png"
   https://bugs.launchpad.net/bugs/1540208/+attachment/4560910/+files/112.png

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1540208
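The following is an added example; it is not code from the bug report, from Horizon or from Django. It is a minimal model of the double-submit cookie comparison that Django's CsrfViewMiddleware applies to Horizon's form posts: the csrftoken cookie must equal the csrfmiddlewaretoken field (or the X-CSRFToken header), and the server keeps no copy of the token. The update_network_name view, the scenarios function and the token generator are hypothetical stand-ins; Django's own generator, its Referer check for HTTPS requests and its token sanitising are not reproduced.

```python
# Added example (not Horizon/Django code): a minimal model of the
# double-submit cookie check that Django's CsrfViewMiddleware applies
# to Horizon's POST requests. It shows why a request whose cookie and
# form field are both "1" passes the equality check while a request
# forged from another origin does not.
import hmac
import secrets

CSRF_COOKIE_NAME = "csrftoken"           # cookie Django sets on the first response
CSRF_FIELD_NAME = "csrfmiddlewaretoken"  # hidden field rendered into each form
CSRF_HEADER_NAME = "X-CSRFToken"         # alternative carrier used by AJAX calls


def new_csrf_token():
    """Random token of the same shape as the one in the report
    (32 URL-safe characters). Django's own generator is not reproduced."""
    return secrets.token_urlsafe(24)  # 24 bytes -> 32 characters, no padding


def csrf_check(method, cookies, form, headers=None):
    """Return True if the request passes the double-submit check.

    Safe methods are never checked. For any other method the token in the
    cookie must equal the token in the form field or the X-CSRFToken header.
    Only equality is tested: the server stores nothing per token, so any
    pair of identical values is accepted.
    """
    if method.upper() in ("GET", "HEAD", "OPTIONS", "TRACE"):
        return True
    cookie_token = cookies.get(CSRF_COOKIE_NAME, "")
    if not cookie_token:
        return False
    headers = headers or {}
    request_token = form.get(CSRF_FIELD_NAME) or headers.get(CSRF_HEADER_NAME, "")
    # constant-time comparison, as the real middleware does
    return hmac.compare_digest(cookie_token, request_token)


def update_network_name(method, cookies, form):
    """Hypothetical view: rename a network only if the CSRF check passes.
    Returns the new name on success and None if the request was rejected."""
    if not csrf_check(method, cookies, form):
        return None
    return form["name"]


def scenarios():
    """Three constructed requests, returning what the view did with each."""
    token = new_csrf_token()
    # 1. A browser submitting Horizon's own form: cookie and field carry the
    #    same token the server issued, so the request is accepted.
    legit = update_network_name(
        "POST", {CSRF_COOKIE_NAME: token},
        {CSRF_FIELD_NAME: token, "name": "attt_net_test_129"})
    # 2. The request from the report: an intercepting proxy rewrites both the
    #    cookie and the field to "1". They are equal, so the check passes.
    proxied = update_network_name(
        "POST", {CSRF_COOKIE_NAME: "1"},
        {CSRF_FIELD_NAME: "1", "name": "attt_net_test_121"})
    # 3. Cross-site forgery: an attacker's page chooses the form field, but the
    #    victim's browser attaches the victim's real cookie, which the attacker
    #    can neither read nor set from another origin. The values differ.
    forged = update_network_name(
        "POST", {CSRF_COOKIE_NAME: token},
        {CSRF_FIELD_NAME: "1", "name": "attacker_chosen"})
    return legit, proxied, forged


if __name__ == "__main__":
    print(scenarios())
```

The second scenario reproduces the observation in the report: both values are under the sender's control when the request is rewritten in a proxy, so the equality check passes. The third scenario is the case the check is built around: a page on another origin can choose the form field but not the cookie the victim's browser sends, so the two values differ and the request is rejected.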
