macrozheng mall Cleartext Transmission of Sensitive Information Vulnerability

A vulnerability exists in macrozheng mall versions through 1.0.3, allowing for the insecure transmission of user credentials. During authentication, passwords are sent over unencrypted HTTP instead of HTTPS. This issue also affects other APIs that require token authentication, exposing sensitive information such as passwords and JWT tokens to interception by network-based attackers through packet sniffing or Man-in-the-Middle (MitM) attacks. Captured credentials can be reused to gain administrative access, leading to account takeover.

Impact

Exploitation of this vulnerability allows for the interception of sensitive information, including passwords and JWT tokens, which can be used to gain administrative access to the application, resulting in unauthorized account takeover.

Reproduction

To reproduce this vulnerability, log into a macrozheng mall version up to 1.0.3 and observe the authentication process. Passwords will be transmitted over unencrypted HTTP, exposing them to interception. This vulnerability can also be demonstrated by capturing network traffic during the authentication process using a packet sniffer or a Man-in-the-Middle attack.