The Scratch Channel Article Publishing Bypass Vulnerability in Versions 1 and 1.1
Vulnerability
A vulnerability exists in The Scratch Channel news website, specifically in versions 1 and 1.1. It allows users to publish articles in any category and date by sending a POST request to the article creation endpoint. This exploitation can occur regardless of the user's login status, as the necessary checks are performed on the frontend instead of the server. The issue has been addressed in version 1.2.
Impact
This vulnerability could be exploited to publish articles under any category and date, potentially leading to misinformation or unauthorized content being displayed on the website.
Reproduction
To reproduce this vulnerability, send a POST request to the articles creation endpoint with a markdown file containing the article details, including the title, author, date, and category. The absence of server-side validation allows the article to be published as if it were authored by the user specified in the request, regardless of the actual logged-in user.
Remediation
Users can update to version 1.2, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.