PT-2020-16676 · Redcap · Redcap
Published
2020-10-31
·
Updated
2021-07-01
·
CVE-2020-27358
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
REDCap versions 8.11.6 through 9.x before 10
Description
An issue was discovered in the messenger's CSV feature, which allows users to export their conversation threads as CSV. Non-privileged users can export one another's conversation threads by changing the
thread id parameter in the request to the endpoint "Messenger/messenger download csv.php?title=Hey&thread id={THREAD ID}".Recommendations
For versions 8.11.6 through 9.x before 10, consider restricting access to the Messenger/messenger download csv.php endpoint to prevent non-privileged users from exporting one another's conversation threads. As a temporary workaround, consider disabling the CSV export feature in the messenger until a patch is available.
Exploit
Fix
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Redcap