edu Business Solutions Print Shop Pro WebDesk Cross-Site Request Forgery Vulnerability

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in edu Business Solutions Print Shop Pro WebDesk version 18.34. This vulnerability allows remote attackers to trick authenticated users into performing unintended actions within their sessions, as the application lacks proper CSRF token implementation and other protective measures. Exploitation of this vulnerability could lead to unauthorized data modifications, such as changes to user credentials.

Impact

Exploitation of this vulnerability could result in unauthorized actions being performed on behalf of the user, such as updating profile information or changing account credentials.

Reproduction

To reproduce this vulnerability, first verify that Print Shop Pro WebDesk version 18.34 is in use. After logging into the application, navigate to the Profile Details section. From there, send a request to update the profile using the reg_process.asp endpoint, including the LoginID and the desired profile information. This request can be crafted into a CSRF proof-of-concept by embedding it in an HTML form that automatically submits when the user clicks a button.

Remediation

To address this vulnerability, implement anti-CSRF tokens for all state-changing requests and apply the SameSite=Strict attribute to session cookies. Additionally, validate Origin and Referer headers on sensitive endpoints to block unauthorized cross-origin requests. For high-risk actions like credential modifications, consider enforcing additional safeguards such as step-up authentication, CAPTCHA, or confirmation via the user's primary contact method.
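The three server-side controls named above can be sketched as follows. This is an added example, not code from the vendor or the original advisory; the origin `https://webdesk.example`, the `csrf_token` form field and the `session` cookie name are placeholders chosen for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SECRET_KEY = secrets.token_bytes(32)  # assumption: per-deployment server-side secret
TRUSTED_ORIGIN = "https://webdesk.example"  # placeholder for the application's own origin
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

def _mac(session_id, nonce):
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()

def issue_csrf_token(session_id):
    """Random nonce plus an HMAC binding it to this session; embed in each form."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"

def token_is_valid(session_id, token):
    nonce, sep, mac = (token or "").partition(".")
    if not (sep and nonce and mac):
        return False
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce).encode())

def source_origin(headers):
    """Origin if sent, else scheme://host[:port] of the Referer; None if unusable."""
    value = headers.get("Origin") or headers.get("Referer")
    try:
        parts = urlsplit(value or "")
    except ValueError:
        return None
    if not (parts.scheme and parts.netloc):
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()

def check_request(method, headers, session_id, form):
    """Return (allowed, reason) for a request such as a POST to reg_process.asp."""
    if method.upper() in SAFE_METHODS:
        return True, "safe method"
    if source_origin(headers) != TRUSTED_ORIGIN:
        return False, "untrusted or missing Origin/Referer"
    if not token_is_valid(session_id, form.get("csrf_token")):
        return False, "missing or invalid CSRF token"
    return True, "ok"

def session_cookie(session_id):
    # Set-Cookie value: SameSite=Strict keeps the cookie off cross-site requests
    return f"session={session_id}; Path=/; Secure; HttpOnly; SameSite=Strict"

if __name__ == "__main__":  # constructed sample: cross-site profile update without a token
    print(check_request("POST", {"Origin": "https://other.example"}, "sid-1", {"LoginID": "alice"}))
```

The checks are layered on purpose: a request must arrive from the application's own origin and carry a token bound to the current session, so the failure of one control does not leave the profile update unprotected.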

Added: Jan 8, 2026, 5:50 PM
Updated: Jan 8, 2026, 7:50 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.7
remediation: 0.0
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.