There is a vulnerability about broken access control.
yang8e opened this issue · comments
[Suggested description]
There is a vulnerability that attacker can log into any user.
[Vulnerability Type]
Broken Access Control
[Vendor of Product]
https://github.com/newbee-ltd/newbee-mall
[Affected Product Code Base]
master
[Affected Component]
NewBeeMallUserServiceImpl.java
[Impact Information]
Escalation of Privileges
[Vulnerability proof]
-
register as a normal user
-
change userinfo and capture the request
-
change
user_idat request body
-
send request and receive correspond userid's session
-
view user dashboard and receive correspond userid's information
