CVE-2022-3274: Mitigate CSRF on user's settings #221 · ikus060/rdiffweb@e974df7
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7.
@@ -116,18 +116,19 @@ def render_prefs_panel(self, panelid, action=None, **kwargs): # @UnusedVariable
# Process the parameters.
profile_form = UserProfileForm(email=self.app.currentuser.email)
password_form = UserPasswordForm()
if action == "set_profile_info":
self._handle_set_profile_info(action, profile_form)
elif action == "set_password":
self._handle_set_password(action, password_form)
elif action == "update_repos":
self.app.currentuser.refresh_repos(delete=True)
flash(_(“Repositories successfully updated”), level=’success’)
elif action is None:
pass
else:
_logger.warning("unknown action: %s", action)
raise cherrypy.NotFound(“Unknown action”)
if cherrypy.request.method == 'POST’:
if action == "set_profile_info":
self._handle_set_profile_info(action, profile_form)
elif action == "set_password":
self._handle_set_password(action, password_form)
elif action == "update_repos":
self.app.currentuser.refresh_repos(delete=True)
flash(_(“Repositories successfully updated”), level=’success’)
elif action is None:
pass
else:
_logger.warning("unknown action: %s", action)
raise cherrypy.NotFound(“Unknown action”)
params = {
'profile_form’: profile_form,
'password_form’: password_form,
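Review bot: Gating the action dispatch on `cherrypy.request.method == 'POST'` only stops the GET-link variant of the CSRF; a cross-site HTML form can still submit a POST that carries the session cookie (depending on the cookie's SameSite attribute and browser), so the state-changing branches (`set_profile_info`, `set_password`, `update_repos`) remain reachable without proof of user intent. The hunk should additionally bind the request to the session, for example by having `UserProfileForm`/`UserPasswordForm` validate a per-session token before `_handle_set_profile_info`/`_handle_set_password` run, or by rejecting POSTs whose `Origin`/`Referer` header does not match the application's host — I cannot tell from this hunk whether the form classes already carry such a token. A side effect worth confirming is that a non-POST request with an unknown `action` now falls through to rendering the panel instead of raising `cherrypy.NotFound`, since the "unknown action" branch moved under the POST guard. A comment such as `# Only mutate state on POST; GET must stay side-effect free (CVE-2022-3274)` above the method check would record the intent. The body of `render_prefs_panel` continues past the end of the hunk.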
rdiffweb prior to version 2.4.7 is vulnerable to Cross-Site Request Forgery (CSRF). An attacker can change a user's email address. Version 2.4.7 has a fix for this issue.