Moodle tracker issue MDL-50784

Any external function that is exposed to ajax could be vulnerable to CSRF


    • Type: Bug
    • Resolution: Fixed
    • Priority: Minor
    • 2.9.2
    • 2.9.1, 3.0
    • Component: JavaScript
    • MOODLE_29_STABLE, MOODLE_30_STABLE
    • MOODLE_29_STABLE
    • Testing instructions:

      1. Use the template library - make sure it still functions.
      2. While you are using the template library - in another tab log out and log in.
      3. Verify the template library starts throwing exceptions.

      Because the JSON request could be spoofed from any page, we need to always check the session key for any function which returns privileged data or changes any state.

      We can add this by including the sesskey in every request from the AJAX AMD module and checking it in lib/ajax/service.php.

      The impact of this bug is very low at the moment, only because we do not expose any dangerous functions to AJAX yet. So we should fix it ASAP.

      Attachments:
        1. MDL-50784-29.mdk.patch (4 kB, Damyon Wiese)
        2. MDL-50784-master.mdk.patch (4 kB, Damyon Wiese)

            Damyon Wiese
            Damyon Wiese
            Petr Skoda
            Eloy Lafuente (stronk7)
            Adrian Greeve
            Votes: 0
            Watchers: 4
