[MajorSecurity SA-068]Anantasoft Gazelle CMS - change admin password via Cross-site
Request Forgery

Details

Product: Anantasoft Gazelle CMS
Security-Risk: high
Remote-Exploit: yes
Vendor-URL: http://www.anantasoft.com
Vendor-Status: informed
Advisory-Status: published

Credits

Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php

Affected Products:

Anantasoft Gazelle CMS 1.0
Prior versions may also be vulnerable

Introduction

"Anantasoft Gazelle CMS is web based content management system."

More Details

We at MajorSecurity have discovered a vulnerability in Anantasoft Gazelle CMS, which can
be exploited by malicious people to conduct cross-site request forgery attacks.
The application allows users to perform certain actions via HTTP requests without
performing any validity checks to verify the requests. This can be exploited to change the
administrator's password by tricking a logged in administrator into visiting a malicious
web site.

Solution

The web application should implement some validity checks to verify the requests before
performing certain actions via HTTP requests.

Workaround

Do not browse untrusted sites or follow untrusted links while being logged-in to the
application.

MajorSecurity

MajorSecurity is a German penetrationtesting and security research company which focuses
on web application security. We offer professional penetrationstest, security audits,
source code reviews.