MyTube Authorization Bypass Vulnerability Allowing Unauthorized Database Export

Vulnerability

An authorization bypass vulnerability has been identified in MyTube versions through 1.7.78. This vulnerability allows guest users to download the entire application database. The issue arises because the application does not properly validate user permissions on the database export endpoint, enabling low-privileged users to access sensitive data that should be restricted.

Impact

Exploitation of this vulnerability allows low-privileged users to exfiltrate the entire application database, including sensitive information such as user credentials and application secrets, which should be accessible only to administrators.

Reproduction

To reproduce this vulnerability, authenticate to the application as a visitor user. Then, send a request to the database export endpoint using an authenticated cookie. The complete database file will be downloaded successfully, despite the user having only guest-level permissions.
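The missing permission check described above, shown as an added example that is not MyTube's own code: the same export handler behind a session-only chain and behind a chain with a deny-by-default role check. The role ranking, the function names and the tiny middleware runner are hypothetical, and no real endpoint path is assumed.

```javascript
// Added illustration. All names here are hypothetical, not MyTube's code.
const ROLE_RANK = { visitor: 0, user: 1, admin: 2 };

// Authentication only: proves who the caller is, not what they may do.
function requireSession(req, res, next) {
  if (!req.session || !req.session.user) return res.status(401).end();
  next();
}

// Authorization: deny by default unless the session role meets the minimum.
function requireRole(minRole) {
  return (req, res, next) => {
    const role = req.session && req.session.user && req.session.user.role;
    const known = Object.prototype.hasOwnProperty.call(ROLE_RANK, role);
    const rank = known ? ROLE_RANK[role] : -1; // unknown or missing role ranks lowest
    if (rank < ROLE_RANK[minRole]) return res.status(403).end();
    next();
  };
}

// Stand-in for the database export handler.
function exportDatabase(req, res) {
  res.status(200).end('<database file>');
}

// Weak: any logged-in session reaches the export handler.
const weakChain = [requireSession, exportDatabase];
// Hardened: the role check sits between authentication and the handler.
const hardenedChain = [requireSession, requireRole('admin'), exportDatabase];

// Minimal runner standing in for a web framework's middleware dispatch.
function run(chain, session) {
  const res = {
    code: null,
    body: null,
    status(c) { this.code = c; return this; },
    end(b) { this.body = b ?? null; return this; },
  };
  const req = { session };
  let i = 0;
  const next = () => { const h = chain[i++]; if (h) h(req, res, next); };
  next();
  return res.code;
}

// Constructed sample sessions.
const visitorSession = { user: { name: 'guest1', role: 'visitor' } };
const adminSession = { user: { name: 'admin1', role: 'admin' } };
```

Calling `run(hardenedChain, visitorSession)` in a regression test keeps the export route from silently losing its role check in a later change.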

Added: Jan 24, 2026, 12:19 AM
Updated: Jan 24, 2026, 12:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.6
remediation: 0.0
relevance: 2.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.