CVE-2025-23044
Published: 20 January 2025
Description
PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the missing SameSite= attribute on cookies and the ability to refresh cookies. Commit 14acb704891245bf1703ce6296d62112e85aa995 patches the issue.
Security Summary
CVE-2025-23044 is a Cross-Site Request Forgery (CSRF) vulnerability, classified under CWE-352, affecting PwnDoc, an open-source penetration test report generator. The issue stems from a lack of CSRF protection in pwndoc: there is no anti-CSRF token or origin check, the session cookies carry no SameSite attribute, and the cookies can be refreshed. Because the browser attaches those cookies to cross-site requests, an attacker-controlled page can cause both GET and POST requests to be issued on behalf of an authenticated user. The vulnerability received a CVSS v3.1 base score of 6.8 (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N) and was published on January 20, 2025.
The attack is carried out over the network and requires no privileges on the target, but it is rated high attack complexity and requires user interaction: the victim must be logged in to PwnDoc and be induced to visit an attacker-controlled page. Successful exploitation lets the attacker perform actions as the victim, with high confidentiality and integrity impact (reading or modifying data through forged requests) and no availability impact.
Mitigation is available via commit 14acb704891245bf1703ce6296d62112e85aa995 in the pwndoc repository, which patches the CSRF protection deficiencies. Additional details are provided in the GitHub security advisory at GHSA-9v2v-jxvw-52rq.
Details
- CWE(s)