huntr.dev
Open in
urlscan Pro
2600:9000:254a:d600:14:bb32:5f00:93a1
Public Scan
URL:
https://huntr.dev/bounties/e65b3458-c2e2-4c0b-9029-e3c9ee015ae4/
Submission: On January 04 via api from US — Scanned from DE
Submission: On January 04 via api from US — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
huntr Open menu / Bounties 37 Community More Responsible disclosure policy FAQ Contact us Hacktivity Leaderboard Submit report Login Logout huntr Close menu / -------------------------------------------------------------------------------- Bounties Find your next target Submission Submit a report Hacktivity Browse public reports Leaderboard Our leaderboard -------------------------------------------------------------------------------- Policy FAQ Contact us Login IDOR TO ARCHIVE VICTIMS MEMO IN USEMEMOS/MEMOS 1 Valid Reported on Dec 28th 2022 -------------------------------------------------------------------------------- DESCRIPTION Insecure direct object references (IDOR) are a type of access control vulnerability that arises when an application uses user-supplied input to access objects directly. PROOF OF CONCEPT 1) Login into your account at demo.usememos.com 2) Turn on your burpsuite proxy 3) Click on the three dots on the top right of the memo , click on archive and capture the request 4) Send this request to the repeated and drop the current request 5) Change the Memo ID to victims Memo ID and forward the request 6) You will see that the victims memo has been archived POC video: https://drive.google.com/file/d/1-AuWh6TyqGvO2osiF6jrjhPcDiApYRkv/view?usp=sharing # Impact An attacker is able to archive victims memo's through an IDOR and cause huge impact on user "integrity" OCCURRENCES ArchivedMemoDialog.tsx L1-L74 We are processing your report and will contact the usememos/memos team within 24 hours. 8 days ago STEVEN validated this vulnerability 7 days ago nehalr777 has been awarded the disclosure bounty The fix bounty is now up for grabs The researcher's credibility has increased: +7 STEVEN marked this as fixed in 0.9.1 with commit 3556ae 7 days ago STEVEN has been awarded the fix bounty This vulnerability has been assigned a CVE STEVEN published this vulnerability 7 days ago ArchivedMemoDialog.tsx#L1-L74 has been validated Sign in to join this conversation CVE CVE-2022-4814 (assigned) Vulnerability Type CWE-284: Improper Access Control Severity High (8.6) Registry Other Affected Version 0.9.0 Visibility Public Status Fixed Found by nehalr777 @nehalr777 master Fixed by STEVEN @boojack maintainer This report was seen 103 times. We are processing your report and will contact the usememos/memos team within 24 hours. 8 days ago STEVEN validated this vulnerability 7 days ago nehalr777 has been awarded the disclosure bounty The fix bounty is now up for grabs The researcher's credibility has increased: +7 STEVEN marked this as fixed in 0.9.1 with commit 3556ae 7 days ago STEVEN has been awarded the fix bounty This vulnerability has been assigned a CVE STEVEN published this vulnerability 7 days ago ArchivedMemoDialog.tsx#L1-L74 has been validated Sign in to join this conversation 2022 © 418sec HUNTR * home * hacktivity * leaderboard * FAQ * contact us * terms * privacy policy PART OF 418SEC * company * about * team Chat with us