zhangyd-c OneBlog Denial-of-Service Vulnerability in API Comment Endpoint
Vulnerability
A denial-of-service vulnerability has been identified in the OneBlog commenting system, specifically in version 2.3.9. The issue lies in the '/api/comment' endpoint, which accepts a client-supplied 'id' parameter on comment requests. By including 'id=9223372036854775807' in a comment request, an attacker can make the comment system fail completely, disrupting comment functionality for both users and administrators.
Impact
Exploitation of this vulnerability results in a complete failure of the comment system: new comments can no longer be added and existing comments can no longer be viewed, affecting regular users and administrators alike.
Reproduction
To reproduce this vulnerability, first send a POST request to the '/api/comment' endpoint without an 'id' parameter. Then resend the request with the 'id' parameter set to '9223372036854775807', along with the other usual comment fields. The comment is posted successfully, but from that point the comment system no longer functions normally: new comments cannot be added, and attempts to view comments produce errors, even for administrators.
Remediation
To address this vulnerability, modify the 'comment' method in the 'BizCommentServiceImpl' class by adding 'comment.setId(null);' before saving the comment information, so that any client-supplied id is discarded and the id is assigned server-side.
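A minimal Java sketch of the vulnerable and remediated shapes of the comment method, added here as an illustration and not OneBlog's own code. The Comment and CommentRepository classes and the MAX(id) + 1 id generation are assumed stand-ins: the advisory does not state why the oversized id (9223372036854775807, which is Long.MAX_VALUE) breaks the system, so the overflow shown is one plausible mechanism, not a confirmed one.

```java
import java.util.TreeMap;

// Added illustration of the advisory's fix; not OneBlog's own code. Assumption (the
// advisory does not state the cause): ids are generated as MAX(id) + 1, so a stored
// id of 9223372036854775807 (Long.MAX_VALUE) makes every later insert overflow.
public class CommentIdExample {
    static class Comment {
        Long id;                 // bound from the request, like the 'id' parameter
        final String content;
        Comment(Long id, String content) { this.id = id; this.content = content; }
        void setId(Long id) { this.id = id; }
    }
    // Stand-in for the persistence layer: keeps an id already present on the
    // entity and otherwise assigns the next one itself.
    static class CommentRepository {
        final TreeMap<Long, Comment> rows = new TreeMap<>();
        void save(Comment c) {
            if (c.id == null) {
                long maxId = rows.isEmpty() ? 0L : rows.lastKey();
                c.setId(Math.addExact(maxId, 1L)); // throws on overflow instead of wrapping
            }
            rows.put(c.id, c);
        }
    }
    // Vulnerable shape: whatever id the client sent is persisted unchanged.
    static void commentVulnerable(CommentRepository repo, Comment fromRequest) {
        repo.save(fromRequest);
    }
    // Remediated shape, as the advisory recommends: the id is always server-assigned.
    static void commentFixed(CommentRepository repo, Comment fromRequest) {
        fromRequest.setId(null);
        repo.save(fromRequest);
    }

    public static void main(String[] args) {
        CommentRepository unpatched = new CommentRepository();
        commentVulnerable(unpatched, new Comment(Long.MAX_VALUE, "hostile"));
        try {
            commentVulnerable(unpatched, new Comment(null, "ordinary comment"));
        } catch (ArithmeticException e) {
            System.out.println("unpatched: next comment rejected (" + e.getMessage() + ")");
        }
        CommentRepository patched = new CommentRepository();
        commentFixed(patched, new Comment(Long.MAX_VALUE, "hostile"));
        commentFixed(patched, new Comment(null, "ordinary comment"));
        System.out.println("patched: stored ids " + patched.rows.keySet());
    }
}
```

The same hazard applies to any request-bound entity whose primary key is writable by the client; binding requests to a DTO without an id field removes the need to null it by hand.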
