View Issue Details

IDProjectCategoryView StatusLast Update
14221Bug reports[All Projects] Securitypublic2018-11-13 16:08
ReporterDenisChenuAssigned ToDenisChenu 
PrioritynoneSeverityminor 
Status assignedResolutionfixed 
Product Version 
Target VersionFixed in Version 
Summary14221: No XSS control when delete a token
Description

No CRSF control when deleting token : action is done only with GET param

Steps To Reproduce

On a survey, generate token (dummy)
Depend on your link : replace /sa/browse/surveyid/{$surveyid} by /sa/deleteToken/sid/{$surveyid}/sItem/3 on another tab
see white page
Reload token list : token #3 disappear

Additional Information

This link can be everywhere : for reminder : all DB action must be CRSF controlled : only done with POST value

TagsNo tags attached.
Complete LimeSurvey version number (& build)3.15.1 github
I will donate to the project if issue is resolvedNo
Browsernot relevant
Database & DB-Versionnot relevant
Operating System (Server)not relevant
Webserver software & versionnot relevant
PHP Versionnot relevant

Relationships

related to 14219 closedDenisChenu Unable to quick delete reponse with urlFormat to get 
related to 14222 assignedDenisChenu When deleting a single response : all page is reloaded and current filter lost 

Activities

DenisChenu

DenisChenu

2018-11-11 19:08

developer   ~49603

https://github.com/LimeSurvey/LimeSurvey/pull/1166

DenisChenu

DenisChenu

2018-11-12 17:20

developer   ~49618

Fix committed to master_fixDeleteResponse_urlget branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=28506

DenisChenu

DenisChenu

2018-11-13 16:08

developer   ~49631

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=28517

Related Changesets

LimeSurvey: master_fixDeleteResponse_urlget ca51587e

2018-11-11 19:08:02

DenisChenu

Details Diff
Fixed issue 14221: No XSS control when delete a token
Dev: use POST for deletion in CButton
Dev: todo : filter particpant
Dev: todo : remove old buttons
Dev: todo : move confirmGridAction to adminbasic
mod - application/controllers/admin/participantsaction.php Diff File
mod - application/controllers/admin/responses.php Diff File
mod - application/controllers/admin/tokens.php Diff File
mod - application/models/SurveyDynamic.php Diff File
mod - application/models/TokenDynamic.php Diff File
mod - application/views/admin/responses/listResponses_view.php Diff File
mod - assets/packages/adminbasics/build/adminbasics.css Diff File
mod - assets/packages/adminbasics/build/adminbasics.min.css Diff File
mod - assets/packages/adminbasics/scss/grid.scss Diff File
mod - assets/scripts/admin/listresponse.js Diff File
mod - assets/scripts/admin/tokens.js Diff File

LimeSurvey: master eee87c82

2018-11-13 16:08:09

DenisChenu


Committer: GitHub Details Diff
Fixed issue 14222: When deleting a single response : all page is reloaded and current filter lost

Fixed issue 14221: [security] No XSS control when delete a token
mod - application/controllers/admin/participantsaction.php Diff File
mod - application/controllers/admin/responses.php Diff File
mod - application/controllers/admin/tokens.php Diff File
mod - application/helpers/admin/ajax_helper.php Diff File
mod - application/models/Participant.php Diff File
mod - application/models/SurveyDynamic.php Diff File
mod - application/models/TokenDynamic.php Diff File
mod - application/views/admin/participants/displayParticipants_view.php Diff File
mod - application/views/admin/responses/listResponses_view.php Diff File
mod - assets/packages/adminbasics/build/adminbasics.css Diff File
mod - assets/packages/adminbasics/build/adminbasics.debug.js Diff File
mod - assets/packages/adminbasics/build/adminbasics.js Diff File
mod - assets/packages/adminbasics/build/adminbasics.min.css Diff File
mod - assets/packages/adminbasics/build/adminbasics.min.js Diff File
add - assets/packages/adminbasics/scss/grid.scss Diff File
mod - assets/packages/adminbasics/scss/main.scss Diff File
mod - assets/packages/adminbasics/src/adminbasicsmain.js Diff File
add - assets/packages/adminbasics/src/components/gridAction.js Diff File
mod - assets/scripts/admin/tokens.js Diff File

Issue History

Date Modified Username Field Change
2018-11-06 22:49 DenisChenu New Issue
2018-11-06 22:49 DenisChenu Relationship added related to 14219
2018-11-06 22:55 DenisChenu Relationship added related to 14222
2018-11-09 19:24 DenisChenu Assigned To => DenisChenu
2018-11-09 19:24 DenisChenu Status new => assigned
2018-11-11 19:08 DenisChenu Note Added: 49603
2018-11-12 17:20 DenisChenu Changeset attached => LimeSurvey master_fixDeleteResponse_urlget ca51587e
2018-11-12 17:20 DenisChenu Note Added: 49618
2018-11-12 17:20 DenisChenu Resolution open => fixed
2018-11-13 16:08 DenisChenu Changeset attached => LimeSurvey master eee87c82
2018-11-13 16:08 DenisChenu Note Added: 49631