SourceCodester Medical Certificate Generator App Cross-Site Request Forgery Vulnerability

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in SourceCodester Medical Certificate Generator App version 1.0. This vulnerability allows attackers to arbitrarily delete medical certificate records by tricking authenticated users into submitting malicious requests. The application fails to implement adequate anti-CSRF protections, such as unique tokens or strict validation of request origins, and relies instead on session cookies for authorization, so a forged request carrying the victim's session cookie is accepted from any origin; this makes the flaw exploitable remotely.

Impact

Exploitation of this vulnerability leads to the unauthorized deletion of medical certificate records, causing a loss of sensitive medical data and disrupting the integrity of application records. This vulnerability could also be exploited through phishing attacks or by using malicious links.

Reproduction

To reproduce this vulnerability, log into the application as a valid user and maintain an active session. Then, open a crafted HTML page that includes a form targeting the application's delete record endpoint. This form should be set to submit a POST request with the ID of the medical certificate to be deleted. Once the page is loaded, the form will be automatically submitted, resulting in the deletion of the specified certificate record.

Remediation

It is recommended to implement CSRF tokens for all state-changing requests, validate these tokens on the server side, and enforce strict validation of the Origin and Referer headers.
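As an added example of the remediation above (not code from the application or from SourceCodester), a synchronizer-token check with Origin validation and a Referer fallback, written in PHP; the function names, the _csrf and id form fields, the delete.php path and the https://example.test origin are assumptions.

```php
<?php
// Added example (not the application's own code): synchronizer-token CSRF
// protection for a state-changing endpoint such as a delete action.
// Assumed names: csrf_token(), csrf_verify(), the "_csrf" field, the "id"
// field, delete.php and https://example.test are illustrative, not the app's.
session_start();

// Issue (or reuse) a per-session token for forms to embed.
function csrf_token(): string {
    if (empty($_SESSION['_csrf'])) {
        $_SESSION['_csrf'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['_csrf'];
}

// Compare the submitted token in constant time, then require the request to
// come from our own origin (Origin header, with Referer as the fallback).
function csrf_verify(array $post, array $server, string $allowed_origin): bool {
    $sent = $post['_csrf'] ?? '';
    $expected = $_SESSION['_csrf'] ?? '';
    if ($sent === '' || $expected === '' || !hash_equals($expected, $sent)) {
        return false;
    }
    $origin = $server['HTTP_ORIGIN'] ?? '';
    if ($origin === '' && !empty($server['HTTP_REFERER'])) {
        $p = parse_url($server['HTTP_REFERER']) ?: [];
        $origin = ($p['scheme'] ?? '') . '://' . ($p['host'] ?? '')
                . (isset($p['port']) ? ':' . $p['port'] : '');
    }
    // Missing Origin and Referer is treated as a failure, not as a pass.
    return $origin !== '' && $origin === $allowed_origin;
}

// Delete handler: reject before any database work unless both checks pass.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_verify($_POST, $_SERVER, 'https://example.test')) {
        http_response_code(403);
        exit('Rejected: missing or invalid CSRF token, or foreign origin');
    }
    $id = filter_var($_POST['id'] ?? '', FILTER_VALIDATE_INT);
    if ($id === false) { http_response_code(400); exit('Bad id'); }
    // delete the record for $id here, using a prepared statement
}
?>
<!-- Every state-changing form carries the token as a hidden field. -->
<form method="post" action="delete.php">
  <input type="hidden" name="_csrf" value="<?= htmlspecialchars(csrf_token()) ?>">
  <input type="hidden" name="id" value="1">
  <button type="submit">Delete certificate</button>
</form>
```

A cross-site page cannot read the per-session token, so its forged POST fails the hash_equals comparison even when the browser attaches the session cookie; the origin check catches the same request independently when the Origin or Referer header is present.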

Added: Feb 2, 2026, 6:19 AM
Updated: Feb 2, 2026, 6:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 5.6
remediation: 0.0
relevance: 2.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.