Booked Scheduler 2.5.15 - CSRF

Advisory ID: RO-15-010
Severity: Medium
Vendor: Booked Scheduler
Product: Booked Scheduler
Version: 2.5.15

Overview

A Cross-Site Request Forgery (CSRF) vulnerability exists in Booked Scheduler version 2.5.15. The vulnerability allows remote attackers to perform unauthorized actions on behalf of authenticated users.

Vulnerability Details

Affected Versions: 2.5.15 and earlier

Root Cause: Missing or inadequate CSRF token validation allows attackers to forge requests.

Exploitation Requirements

  • Victim must be authenticated
  • Victim must visit a malicious page while logged in

Impact

Remote attackers can exploit this vulnerability to:

  • Create or modify reservations
  • Change user settings
  • Perform administrative actions on behalf of admins

Proof of Concept

Details available upon request.

Solution

Upgrade to a patched version of Booked Scheduler that includes proper CSRF token validation.
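The following is an added illustration of the fix this advisory calls for, written here for the advisory and not taken from Booked Scheduler's code base: a reservation endpoint that only checks for a logged-in session (the class of defect described above) next to the same endpoint guarded by a synchronizer token bound to the server-side session plus an Origin/Referer check. The origin, session fields and request shape are assumptions made up for the example.

```python
import hashlib
import hmac
import secrets

ALLOWED_ORIGIN = "https://booked.example.test"  # constructed placeholder for the site's own origin


def issue_csrf_token(session: dict) -> str:
    """Create a per-form token keyed by a server-side secret that never leaves the session."""
    if "csrf_secret" not in session:
        session["csrf_secret"] = secrets.token_bytes(32)
    nonce = secrets.token_hex(16)
    mac = hmac.new(session["csrf_secret"], nonce.encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def csrf_request_is_valid(session: dict, request: dict) -> bool:
    """Accept a state-changing request only if it carries a token minted for this session
    and was sent from the application's own origin (Origin, or Referer as fallback)."""
    if request["method"].upper() in ("GET", "HEAD", "OPTIONS"):
        return True  # safe methods must not change state, so no token is required
    secret = session.get("csrf_secret")
    if secret is None:
        return False  # no token was ever issued to this session
    headers = request.get("headers", {})
    origin = headers.get("Origin") or headers.get("Referer", "")
    if not origin.startswith(ALLOWED_ORIGIN):
        return False  # cross-site submission, regardless of the token
    nonce, sep, mac = request.get("form", {}).get("csrf_token", "").partition(".")
    if not sep:
        return False  # token missing or malformed
    expected = hmac.new(secret, nonce.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)  # constant-time comparison


def create_reservation_vulnerable(session: dict, request: dict) -> int:
    """Before: the only check is a live login, so a cross-site POST made by the
    victim's browser (which attaches the session cookie) is accepted."""
    if not session.get("user_id"):
        return 401
    return 200  # reservation would be created here


def create_reservation_hardened(session: dict, request: dict) -> int:
    """After: identical endpoint, but the request must pass the CSRF check first."""
    if not session.get("user_id"):
        return 401
    if not csrf_request_is_valid(session, request):
        return 403
    return 200


# Constructed sample: a logged-in victim session and a POST submitted from a third-party page.
VICTIM_SESSION = {"user_id": 42}
CROSS_SITE_POST = {"method": "POST", "headers": {"Origin": "https://other.example"}, "form": {"resource": "1"}}
```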

References

  • Vendor notification sent

Timeline:

  • [2015-01-01] - Discovered

Credits: Omar Kurt
