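Associated vulnerability
Title: N/A (CVE-2025-26206)
Description: A cross-site request forgery vulnerability exists in sell done storefront v.1.0; a remote attacker can escalate privileges by exploiting the index.html component.
Introduction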
# 🚨 CVE-2025-26206: Cross-Site Request Forgery (CSRF) in Sell Done Storefront v.1.0



Welcome to the official repository documenting the discovery and details of **CVE-2025-26206**, a critical **Cross-Site Request Forgery (CSRF)** vulnerability in **Sell Done Storefront v.1.0**. Discovered by **B. Sibhi**, this vulnerability highlights the importance of robust web application security practices.

---
## 📄 Overview
This repository provides a detailed breakdown of the **CSRF vulnerability** identified in **Sell Done Storefront v.1.0**, which has been assigned the CVE ID **CVE-2025-26206**. The vulnerability allows a remote attacker to escalate privileges by exploiting the lack of CSRF protections in the application.

---
## 🔍 Vulnerability Details
| **Category** | **Details** |
|-----------------------|-----------------------------------------------------------------------------|
| **CVE ID** | [CVE-2025-26206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26206) |
| **Vulnerability Type**| Cross-Site Request Forgery (CSRF) |
| **Affected Product** | Sell Done Storefront v.1.0 |
| **Impact** | Privilege Escalation |
| **Attack Vector** | Remote |
| **Discoverer** | [B. Sibhi](https://github.com/xibhi) |
---
## 🛠️ Technical Description
The vulnerability exists due to the absence of **anti-CSRF tokens** in the Sell Done Storefront v.1.0 web application. This allows an attacker to craft malicious requests that can be executed by an authenticated user without their knowledge, leading to **privilege escalation**.
### Affected Code
The vulnerable code is located in the following file:
- [`index.html`](https://github.com/selldone/storefront/blob/main/index.html)
### How It Works
1. An attacker creates a malicious HTML form or script designed to perform a privileged action (e.g., changing user roles).
2. The attacker tricks an authenticated user into visiting a page containing the malicious form/script.
3. The user’s browser sends a request to the vulnerable application, executing the privileged action without the user’s consent.
---
## ⚠️ Impact
If exploited, this vulnerability could allow a remote attacker to:
- Escalate privileges and gain unauthorized access to sensitive functionalities.
- Perform actions on behalf of authenticated users without their knowledge.
---
## 🛡️ Remediation
The vendor has been notified, and the issue has been patched. To mitigate this vulnerability:
1. **Update** to the latest version of Sell Done Storefront.
2. **Implement anti-CSRF tokens** in all state-changing requests.
3. **Validate and sanitize** all user inputs to prevent similar vulnerabilities.
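
An added example (not part of the original README and not Sell Done's code) of the anti-CSRF token check recommended in step 2: a session-bound HMAC token that the server requires on every state-changing request. The `x-csrf-token` header name, the `/api/users/role` route and the session ids are assumptions chosen for illustration.

```javascript
// Added example, not Sell Done code. Header name, route and session ids are assumptions.
const { createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']); // must never change state

// HMAC over session id + nonce, so a token only works for the session it was issued to.
function sign(secret, sessionId, nonce) {
  return createHmac('sha256', secret).update(`${sessionId.length}!${sessionId}!${nonce}`).digest('hex');
}

// Issued to the page by the server; the client echoes it in a request header.
function issueToken(secret, sessionId) {
  const nonce = randomBytes(16).toString('hex');
  return `${nonce}.${sign(secret, sessionId, nonce)}`;
}

function verifyToken(secret, sessionId, token) {
  if (typeof token !== 'string') return false;
  const parts = token.split('.');
  if (parts.length !== 2 || !parts[0] || !parts[1]) return false;
  const expected = Buffer.from(sign(secret, sessionId, parts[0]));
  const given = Buffer.from(parts[1]);
  // Length check first: timingSafeEqual throws on unequal lengths.
  return given.length === expected.length && timingSafeEqual(given, expected);
}

// Gate for every request: safe methods pass, everything else needs a valid token.
function checkRequest(secret, req) {
  if (SAFE_METHODS.has(req.method.toUpperCase())) return { allowed: true, reason: 'safe method' };
  if (!req.sessionId) return { allowed: false, reason: 'no session' };
  const token = req.headers['x-csrf-token'];
  if (!token) return { allowed: false, reason: 'missing token' };
  if (!verifyToken(secret, req.sessionId, token)) return { allowed: false, reason: 'invalid token' };
  return { allowed: true, reason: 'valid token' };
}

// Constructed sample requests: the cross-site one carries the session cookie but no token.
function demo() {
  const secret = randomBytes(32);
  const token = issueToken(secret, 'sess-A');
  const base = { method: 'POST', path: '/api/users/role', sessionId: 'sess-A' };
  return {
    crossSite: checkRequest(secret, { ...base, headers: {} }),
    sameSite: checkRequest(secret, { ...base, headers: { 'x-csrf-token': token } }),
    otherSession: checkRequest(secret, { ...base, sessionId: 'sess-B', headers: { 'x-csrf-token': token } }),
  };
}
console.log(demo());
```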
---
## 📚 References
- [CVE Mitre Entry](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26206)
- [Sell Done Storefront GitHub Repository](https://github.com/selldone/storefront)
- [OWASP CSRF Prevention Cheat Sheet](https://owasp.org/www-community/attacks/csrf)
---
## 📜 License
This repository is licensed under the [MIT License](LICENSE). Feel free to use the information provided here for educational or research purposes.

---
**Disclaimer**: This repository is intended for educational and informational purposes only. The discoverer is not responsible for any misuse of the information provided.
**Note**: A full PoC is not provided here to prevent misuse. Responsible disclosure practices have been followed.
File snapshot
[4.0K] /data/pocs/475b87b53674d892eb332b95b7e75e2583745a0e
└── [4.0K] README.md
0 directories, 1 file