
CVE-2025-28355 PoC — Personal Management System security vulnerability

Related vulnerability
Title: Personal Management System security vulnerability (CVE-2025-28355)
Description: Personal Management System is a web application for managing personal data, written by the individual developer Dariusz. Personal Management System version 1.4.65 contains a security vulnerability: it is susceptible to cross-site request forgery, which may lead to execution of arbitrary code and disclosure of sensitive information.
Introduction
# CVE-2025-28355
It was identified that the https://github.com/Volmarg/personal-management-system application is vulnerable to CSRF attacks.
One of the many actions an attacker can perform is to trick a legitimate user into issuing a cross-site request that changes that user's password,
giving the attacker access to the application. The attack requires a browser that treats cookies without a "SameSite" attribute as SameSite=None, such as Firefox.

**Vector String**: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

**CVSS Score**: 4.7

Proof of concept
For the demonstration I use the username "tester" and change that user's password to "missingcsrf".
Note that the attacker can also change other values, such as the nickname and the lock password.
The application is generally vulnerable to CSRF, meaning a malicious user can trick users into uploading
files, changing their password, tampering with records, and so on.

![image](https://github.com/user-attachments/assets/8c2a1ec9-c6a0-42d9-b19d-eb9a2125bc62)


This is a simple HTML page that makes the cross-site request when the user visits the malicious URL.

![image](https://github.com/user-attachments/assets/525fddb2-7390-4089-9087-5d7d597b21be)

Running the above in the Firefox browser, the password was changed successfully.

![image](https://github.com/user-attachments/assets/c289c40f-2eb2-40dc-b47d-a422d5ed6444)

Finally, we log in with the modified password and are redirected to the dashboard
page, which means the login was successful.

![image](https://github.com/user-attachments/assets/809e640c-a6bd-4426-9879-f966efc056de)
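As an added example (not code from this PoC or from the Personal Management System project), these are the server-side checks that would block the cross-site password change demonstrated above: a session-bound synchronizer token compared in constant time, a same-site provenance check so the request is rejected even when the browser attaches the session cookie, and a session cookie that sets SameSite explicitly instead of relying on the browser default. The site origin, cookie name and form field names are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Assumed deployment origin of the application (placeholder, not from the page).
SITE_ORIGIN = "https://pms.example.test"


def issue_csrf_token(session: dict) -> str:
    """Bind a fresh random synchronizer token to the user's server-side session."""
    session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def request_is_same_site(headers: dict) -> bool:
    """Provenance check: prefer Sec-Fetch-Site, fall back to Origin/Referer.

    A state-changing request with no provenance at all is rejected, not trusted.
    """
    fetch_site = headers.get("Sec-Fetch-Site")
    if fetch_site is not None:
        # "none" is a user-initiated navigation (typed URL, bookmark), not an embedded page.
        return fetch_site in ("same-origin", "none")
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == SITE_ORIGIN


def allow_password_change(session: dict, headers: dict, form: dict) -> bool:
    """Both defences must pass: a valid session-bound token AND same-site provenance.

    The form field name "_csrf_token" is an assumption for this example.
    """
    expected = session.get("csrf_token")
    supplied = form.get("_csrf_token", "")
    token_ok = bool(expected) and hmac.compare_digest(expected.encode(), supplied.encode())
    return token_ok and request_is_same_site(headers)


def session_cookie_header(session_id: str) -> str:
    """Set-Cookie line that fixes SameSite so the browser default no longer matters."""
    return f"PHPSESSID={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax"
```

With `SameSite=Lax` the cookie is not sent on a cross-site POST even in Firefox, and the token check rejects any request whose token was not issued to that session.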

