Post by tvs » Sat Jan 11, 2020 4:49 am

A scan showed a "high risk" cross-site request forgery vulnerability. True or false? Here's what they say:

Method GET
Variable form-currency
Element form

Matched by Regular Expression: <form action="https://store.xxxxx.com/index.php?route ... y/currency" method="post" enctype="multipart/form-data" id="form-currency"> <div class="btn-group"> <button class="btn btn-link dropdown-toggle" data-toggle="dropdown"> <strong>$</strong> <span class="hidden-xs hidden-sm hidden-md">Currency</span> <i class="fa fa-caret-down"></i></button> <ul class="dropdown-menu"> <li> <button class="currency-select btn btn-link btn-block" type="button" name="EUR">€ Euro</button> </li> <li> <button class="currency-select btn btn-link btn-block" type="button" name="GBP">£ Pound Sterling</button> </li> <li> <button class="currency-select btn btn-link btn-block" type="button" name="USD">$ US Dollar</button> </li> </ul> </div> <input type="hidden" name="code" value=""> <input type="hidden" name="redirect" value="https://store.xxxxx.com/index.php?route=common/home"> </form>


Post by IP_CAM » Sat Jan 11, 2020 7:21 am


My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.



Post by tvs » Sat Jan 11, 2020 9:03 am

Okay, thank you. So:
1) You are confirming that 3.0.3.2 still has this vulnerability?
2) Should your suggested fix be downloaded even though 3.0.3.2 is not in the compatibility list?


Post by straightlight » Sat Jan 11, 2020 9:19 am

The suggested fix works for all v3.x releases as well, also depending on the custom themes you might be using. Also take note that the GZIP Output compression setting from your php.ini must be enabled in order to see if the extension is responding from view-source. For additional assistance with this extension, please post on the official support topic provided on the Marketplace page.

Dedication and passion go to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Post by ADD Creative » Sun Jan 12, 2020 7:50 am

tvs wrote:
Sat Jan 11, 2020 4:49 am
A scan showed a "high risk" cross-site forgery request vulnerability. True or false? Here's what they say:

Method GET
Variable form-currency
Element form

Matched by Regular Expression: <form action="https://store.xxxxx.com/index.php?route ... y/currency" method="post" enctype="multipart/form-data" id="form-currency"> <div class="btn-group"> <button class="btn btn-link dropdown-toggle" data-toggle="dropdown"> <strong>$</strong> <span class="hidden-xs hidden-sm hidden-md">Currency</span> <i class="fa fa-caret-down"></i></button> <ul class="dropdown-menu"> <li> <button class="currency-select btn btn-link btn-block" type="button" name="EUR">€ Euro</button> </li> <li> <button class="currency-select btn btn-link btn-block" type="button" name="GBP">£ Pound Sterling</button> </li> <li> <button class="currency-select btn btn-link btn-block" type="button" name="USD">$ US Dollar</button> </li> </ul> </div> <input type="hidden" name="code" value=""> <input type="hidden" name="redirect" value="https://store.xxxxx.com/index.php?route=common/home"> </form>
The information given isn't that clear. It refers to the method being GET, but then references a form with the method POST. I would ask whoever did the scan for more information.

My best guess is that the scanner is picking up the fact that the redirect URL can be set to anything. This has been picked up by other scanners in the past. viewtopic.php?f=10&t=12043#p108168

www.add-creative.co.uk
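The point raised above is that the hidden `redirect` field in the currency form is accepted as-is, so a scanner treats it as a user-controlled redirect target. As an added example (not OpenCart code, and not from any poster in this thread), here is one way a store could validate that value server-side before following it: only a relative path on the store itself, or an absolute http(s) URL whose host exactly matches the configured store URL, is accepted; everything else falls back to the store home page. The store URL `https://store.example.com` and the function name `safe_redirect_target` are assumptions for the illustration.

```php
<?php
// Added example, not OpenCart's own code. Validates a caller-supplied
// redirect value against the configured store URL and returns either the
// value itself (when it stays on the store) or the store home page.

function safe_redirect_target(string $candidate, string $storeUrl): string
{
    $home = rtrim($storeUrl, '/') . '/index.php?route=common/home';

    // Empty values, control characters and backslashes are never followed;
    // some browsers treat "/\host" like "//host", so backslashes are rejected outright.
    if ($candidate === '' || preg_match('/[\x00-\x1F\x7F\\\\]/', $candidate)) {
        return $home;
    }

    $parts = parse_url($candidate);
    if ($parts === false) {
        return $home;
    }

    // Absolute or protocol-relative URL (parse_url reports a host for "//host/..." too):
    // require http(s), no embedded credentials, and the store's own host.
    if (isset($parts['scheme']) || isset($parts['host'])) {
        if (!isset($parts['scheme'], $parts['host'])) {
            return $home; // e.g. "javascript:..." has a scheme but no host
        }
        if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
            return $home;
        }
        if (isset($parts['user']) || isset($parts['pass'])) {
            return $home; // "https://store@attacker/" style confusion
        }
        $storeHost = parse_url($storeUrl, PHP_URL_HOST);
        if ($storeHost === null || $storeHost === false
            || strcasecmp($parts['host'], $storeHost) !== 0) {
            return $home;
        }
        return $candidate;
    }

    // Relative reference: must be a single-slash rooted path on this store.
    if (strpos($candidate, '/') === 0 && strpos($candidate, '//') !== 0) {
        return $candidate;
    }

    return $home;
}

// Constructed sample values, including the one from the scanner output above
// with the real host replaced by the placeholder store.example.com.
$store = 'https://store.example.com';
$samples = [
    'https://store.example.com/index.php?route=common/home',  // kept
    '/index.php?route=product/category&path=20',              // kept (relative)
    'https://attacker.example/',                              // replaced by home
    '//attacker.example/',                                    // replaced by home
    'https://store.example.com@attacker.example/',            // replaced by home
    'javascript:alert(1)',                                    // replaced by home
    '',                                                       // replaced by home
];

foreach ($samples as $value) {
    printf("%-55s -> %s\n", var_export($value, true), safe_redirect_target($value, $store));
}
```

This only covers the redirect value ADD Creative points at; whether the form also needs an anti-CSRF token is a separate question that the scanner output as quoted (GET versus a POST form) does not settle, which is why asking the scanning party for details is the right first step.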