CVE-2024-31205: Saleor CSRF bypass in refreshToken mutation

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-31205

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Saleor CSRF bypass in refreshToken mutation

Source: NVD (National Vulnerability Database)

Vulnerability Description

Saleor is an e-commerce platform. Starting in version 3.10.0 and prior to versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19, an attacker may bypass cross-set request forgery (CSRF) validation when calling refresh token mutation with empty string. When a user provides an empty string in `refreshToken` mutation, while the token persists in `JWT_REFRESH_TOKEN_COOKIE_NAME` cookie, application omits validation against CSRF token and returns valid access token. Versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19 contain a patch for the issue. As a workaround, one may replace `saleor.graphql.account.mutations.authentication.refresh_token.py.get_refresh_token`. This will fix the issue, but be aware, that it returns `JWT_MISSING_TOKEN` instead of `JWT_INVALID_TOKEN`.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

跨站请求伪造(CSRF)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Saleor 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Github saleor是一个无头的 GraphQL 商务平台，提供超快速、动态、个性化的购物体验。美丽的在线商店，在任何地方，在任何设备上。 Saleor存在安全漏洞，该漏洞源于允许绕过跨站请求伪造检查。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
saleor	saleor	>= 3.10.0, < 3.14.64	-

II. Public POCs for CVE-2024-31205

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-31205

Please Login to view more intelligence information

https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9wx_refsource_CONFIRM
https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2024-31205

IV. Related Vulnerabilities

Same product: saleor

Same vendor: saleor

Same weakness: CWE-352

V. Comments for CVE-2024-31205

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2024-31205

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-31205

III. Intelligence Information for CVE-2024-31205

IV. Related Vulnerabilities

V. Comments for CVE-2024-31205

Leave a comment