CVE-2021-4033: fix invoice create and search (#2990) · kevinpapst/kimai2@1da26e0

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)


@@ -66,7 +66,7 @@ public function __construct(ServiceInvoice $service, InvoiceTemplateRepository $ * @Route(path="/", name="invoice", methods={"GET", "POST"}) * @Security("is_granted(‘view_invoice’)") */ public function indexAction(Request $request, SystemConfiguration $configuration): Response public function indexAction(Request $request, SystemConfiguration $configuration, CsrfTokenManagerInterface $csrfTokenManager): Response { if (!$this->templateRepository->hasTemplate()) { if ($this->isGranted(‘manage_invoice_template’)) { @@ -100,6 +100,8 @@ public function indexAction(Request $request, SystemConfiguration $configuration return $this->redirectToRoute(‘invoice’); }
$csrfTokenManager->refreshToken(‘invoice.create’);
try { return $this->renderInvoice($query, $request); } catch (Exception $ex) { @@ -148,6 +150,7 @@ public function previewAction(Customer $customer, Request $request, SystemConfig
if ($form->isValid()) { try { $query->setCustomers([$customer]); $model = $this->service->createModel($query);
return $this->service->renderInvoiceWithModel($model, $this->dispatcher); @@ -167,7 +170,7 @@ public function previewAction(Customer $customer, Request $request, SystemConfig * @Security("is_granted('access’, customer)") * @Security("is_granted(‘create_invoice’)") */ public function createInvoiceAction(Customer $customer, InvoiceTemplate $template, Request $request, SystemConfiguration $configuration): Response public function createInvoiceAction(Customer $customer, InvoiceTemplate $template, Request $request, SystemConfiguration $configuration, CsrfTokenManagerInterface $csrfTokenManager): Response { if (!$this->templateRepository->hasTemplate()) { return $this->redirectToRoute(‘invoice’); @@ -185,9 +188,13 @@ public function createInvoiceAction(Customer $customer, InvoiceTemplate $templat return $this->redirectToRoute(‘invoice’); }
$csrfTokenManager->refreshToken(‘invoice.create’);
$query = $this->getDefaultQuery(); $form = $this->getToolbarForm($query, $configuration->find(‘invoice.simple_form’)); $form->submit($request->query->all(), false); if ($this->handleSearch($form, $request)) { return $this->redirectToRoute(‘invoice’); }
if ($form->isValid()) { $query->setTemplate($template);
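Review bot: The CSRF token id `'invoice.create'` is spelled out as a string literal at both new refreshToken() calls (the indexAction hunk at -100 and the createInvoiceAction hunk at -185), and presumably again wherever the token is checked; a typo in any one copy would silently break the protection, so a class constant such as `private const CSRF_TOKEN_ID = 'invoice.create';` used at every site would keep generator and validator in sync. The validation call itself is not visible in these hunks; if it sits in the createInvoiceAction lines just above the refresh, a short comment there such as `// rotate the token only after it has been validated above` would document the required ordering, since refreshing before the comparison would invalidate the token being checked. Both enclosing methods start and end outside the visible hunks.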
