If you find a vulnerability on this server, you will be forever immortalized on this page!
-
Parth Narula 2024-01-15
CSRF vulnerability allows attackers to force users to post comments on the blog.
Since I use tripcodes (see Blog post 3 for more info) for authentication, and not cookies, this CSRF does not allow attackers to impersonate users. However, an attacker could abuse this to post a lot of spam.
Fix: The Sec-Fetch-Site header is perfect for this. Only allow comments if ($_SERVER['HTTP_SEC_FETCH_SITE'] != "cross-site")
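As an added example (not the blog's own code), the Sec-Fetch-Site check written as a stand-alone PHP function. It goes beyond the one-line check above: browsers that send no Fetch Metadata at all are handled by falling back to the Origin and Referer headers, which is an assumption on my part rather than the fix the page describes; the site origin and the sample requests are constructed.

```php
<?php
// Added example, not the blog's code: decide whether a comment POST is
// accepted, based on the Sec-Fetch-Site header the page recommends.
// $headers is the request header map as PHP exposes it (the $_SERVER keys);
// $ownOrigin is this site's origin, e.g. "https://example.org" (assumed).
function commentRequestAllowed(array $headers, string $ownOrigin): bool
{
    $site = $headers['HTTP_SEC_FETCH_SITE'] ?? null;

    if ($site !== null) {
        // Modern browsers say where the request came from. "same-origin" and
        // "same-site" are our own pages (same-site also covers subdomains, so
        // tighten to same-origin if any subdomain hosts untrusted content);
        // "none" is user-initiated (address bar, bookmark), which no attacker
        // page can trigger. Anything else, i.e. "cross-site", is refused.
        return in_array($site, ['same-origin', 'same-site', 'none'], true);
    }

    // Older browsers send no Fetch Metadata. The page's check (!= "cross-site")
    // lets them through; this stricter fallback (an assumption, not the page's
    // fix) compares the Origin header, then the Referer, against our origin.
    $origin = $headers['HTTP_ORIGIN'] ?? null;
    if ($origin !== null) {
        return strtolower($origin) === strtolower($ownOrigin);
    }
    $referer = $headers['HTTP_REFERER'] ?? null;
    if ($referer !== null) {
        $parts = parse_url($referer);
        if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
            return false;
        }
        $refOrigin = $parts['scheme'] . '://' . $parts['host']
            . (isset($parts['port']) ? ':' . $parts['port'] : '');
        return strtolower($refOrigin) === strtolower($ownOrigin);
    }
    // No way to tell where the POST came from: refuse rather than accept spam.
    return false;
}

// Constructed sample requests (not real traffic) against an assumed origin.
$own = 'https://example.org';
$cases = [
    'legit form post'         => ['HTTP_SEC_FETCH_SITE' => 'same-origin'],
    'attacker page'           => ['HTTP_SEC_FETCH_SITE' => 'cross-site',
                                  'HTTP_ORIGIN' => 'https://evil.example'],
    'old browser, Origin ok'  => ['HTTP_ORIGIN' => 'https://example.org'],
    'old browser, no headers' => [],
];
foreach ($cases as $name => $h) {
    printf("%-25s %s\n", $name, commentRequestAllowed($h, $own) ? 'allowed' : 'rejected');
}
```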
-
Anonymous (Comment) 2021-06-15
Found a Stored XSS in the upload honeypot.
Due to a misconfiguration, CSP was not active on the honeypot. In addition, file names were not escaped correctly.
Fix: Added CSP to the honeypot and htmlentities on file names.