CodeAstro Online Job Portal
cpe:2.3:a:online_job_portal_project:online_job_portal:*:*:*:*:*:*:*
- 1.0
CodeAstro Online Job Portal version 1.0 contains an improper access control vulnerability that leads to unauthorized exposure of user resumes. The application stores resumes in a publicly accessible directory with no authentication or authorization checks, so an unauthenticated attacker can access and download any user's resume simply by requesting the file URL. Directory listing is also enabled on that directory, which allows enumeration of all uploaded resumes. The exposed resumes may contain sensitive personal information such as names, email addresses, phone numbers, and work experience, raising concerns about privacy violations and potential identity theft.
Exploitation of this vulnerability allows for unauthorized access to all user resumes, which may contain sensitive personal information. This could lead to privacy violations, data harvesting, and potential identity theft.
To reproduce this vulnerability, access the '/users/user-cvs/' directory. The directory listing will reveal all uploaded resume files. Once a file is identified, it can be downloaded without any authentication or authorization.
Restrict access to the '/users/user-cvs/' directory, disable directory listing, and implement proper authentication and authorization checks before serving files. Sensitive files should be stored outside the web root and served via controlled endpoints.
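The controlled endpoint the mitigation calls for, as an added example that is not part of the advisory or of CodeAstro's code: resumes are looked up by ID from a constructed in-memory table, ownership is checked against the session, and files are read from a temporary directory standing in for storage outside the web root (RESUME_STORE is a hypothetical location).

```python
"""Controlled resume download: authenticate, authorize, then serve.

Added example, not CodeAstro's code. Files live under RESUME_STORE, a
hypothetical directory outside the document root, so no URL (and no
directory listing) reaches them; only this handler can return them.
"""
from dataclasses import dataclass
from pathlib import Path
from typing import Optional
import tempfile

# Hypothetical storage location outside the web root (a temp dir here).
RESUME_STORE = Path(tempfile.mkdtemp(prefix="user-cvs-")).resolve()

# Constructed sample data standing in for the app's resume table:
# resume_id -> (owner user_id, stored filename). Clients send the ID,
# never a filename, so there is no guessable path to enumerate.
RESUMES = {101: ("alice", "alice-cv.pdf"), 102: ("bob", "bob-cv.pdf")}
for _, name in RESUMES.values():
    (RESUME_STORE / name).write_bytes(b"%PDF-1.4 sample " + name.encode())

@dataclass
class Session:
    user_id: Optional[str] = None   # None means unauthenticated
    is_admin: bool = False

class AccessDenied(Exception):
    pass

def serve_resume(session: Session, resume_id: int) -> bytes:
    """Return the resume bytes only for its owner or an admin."""
    if session.user_id is None:
        raise AccessDenied("login required")            # authentication
    record = RESUMES.get(resume_id)
    if record is None:
        raise AccessDenied("denied")                    # don't leak existence
    owner, filename = record
    if session.user_id != owner and not session.is_admin:
        raise AccessDenied("denied")                    # authorization
    # Resolve inside RESUME_STORE and refuse anything that escapes it, so a
    # tampered filename in the table cannot read arbitrary server files.
    path = (RESUME_STORE / filename).resolve()
    if RESUME_STORE not in path.parents or not path.is_file():
        raise AccessDenied("denied")
    return path.read_bytes()

def can_download(session: Session, resume_id: int) -> bool:
    """Convenience wrapper used to check the policy without exceptions."""
    try:
        serve_resume(session, resume_id)
        return True
    except AccessDenied:
        return False
```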