Miggo Logo
Miggo Vulnerability Database
CVE-2023-5511

CVE-2023-5511: Cross-Site Request Forgery (CSRF) in snipe/snipe-it

8.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2023-5511
GHSA ID
GHSA-33vj-r6p6-x4p8
EPSS Score
0.25498%
CWE
CWE-352
Published
10/11/2023
Updated
11/8/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
snipe/snipe-itcomposer<= 6.2.26.2.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from:

  1. The route was originally configured as GET ('reports/unaccepted_assets/{acceptanceId}/sent_reminder'), which is unsafe for state-changing operations.
  2. The controller method directly accepted acceptanceId from the URL parameter without CSRF token validation.
  3. The patch changed the route to POST and added CSRF protection via form submission, confirming the original GET implementation was vulnerable. The function's pre-patch behavior matches classic CSRF vulnerability patterns where state-changing actions lack POST+CSRF validation.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ross-Sit* R*qu*st *or**ry (*SR*) in *it*u* r*pository snip*/snip*-it prior to v.*.*.*.

Reasoning

T** vuln*r**ility st*mm** *rom: *. T** rout* w*s ori*in*lly *on*i*ur** *s **T ('r*ports/un****pt**_*ss*ts/{****pt*n**I*}/s*nt_r*min**r'), w*i** is uns*** *or st*t*-***n*in* op*r*tions. *. T** *ontroll*r m*t*o* *ir**tly ****pt** ****pt*n**I* *rom t**