CVE-2021-4049: Cross-Site Request Forgery in remdex/livehelperchat

CVSS Score (v3.1): 6.5

Basic Information

EPSS Score: 0.30533%
Published: 12/10/2021
Updated: 2/1/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Package Name: remdex/livehelperchat
Ecosystem: composer
Vulnerable Versions: <= 2.0
First Patched Version: (none listed)

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from the logout functionality not validating CSRF tokens prior to the patch. The commit adds CSRF checks in logout.php by verifying $lhUser->validateCSFRToken(), indicating the previous absence of this validation. The template files show CSRF tokens were added to logout links post-patch, confirming the pre-patch logout URLs were unprotected. The core vulnerability exists in the logout endpoint's request handling logic before CSRF protection was implemented.
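As an added illustration, not code from Live Helper Chat, the following shows a logout endpoint in the pre-patch shape beside the hardened shape the analysis describes: a per-session token attached to the logout link and verified before the session is destroyed. The helper names (csrf_token, csrf_validate) and the query parameter name are assumptions for the example, not the project's API.

```php
<?php
// Added example: a minimal logout endpoint before and after CSRF protection.
// csrf_token(), csrf_validate() and the 'csrf_token' parameter are assumed
// names for illustration, not Live Helper Chat's own functions.
session_start();

// Issue one random token per session and embed it in every
// state-changing link or form the application renders.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison against the session copy; a missing or
// mismatched token fails closed.
function csrf_validate(?string $submitted): bool {
    return is_string($submitted)
        && isset($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

function logout_vulnerable(): void {
    // Pre-patch shape: any request to the logout URL ends the session,
    // so a page on another origin that merely loads that URL logs the
    // victim out (no secret the attacker lacks is required).
    session_destroy();
    header('Location: /');
    exit;
}

function logout_hardened(): void {
    // Post-patch shape: the logout link carries the session token and the
    // handler refuses to act unless it matches.
    if (!csrf_validate($_GET['csrf_token'] ?? null)) {
        http_response_code(403);
        echo 'Invalid CSRF token';
        exit;
    }
    session_destroy();
    header('Location: /');
    exit;
}

// The logout link must carry the token, otherwise legitimate logouts
// are rejected by the hardened handler.
echo '<a href="/logout.php?csrf_token='
    . htmlspecialchars(csrf_token(), ENT_QUOTES) . '">Log out</a>';
```

Tokens in a GET query string match the fix described above; a POST form with the same token check keeps the token out of referrer headers and server logs, and a SameSite cookie attribute adds a second, independent layer.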

WAF Protection Rules

WAF Rule

An attacker is able to log out a user if a logged-in user visits the attacker's website. While this cannot harm a user's account, it can be a great annoyance and is a valid CSRF.
