Vulnerability DatabaseWS-2023-0273
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2023-0273
November 03, 2024
In umami before 2.3.1 it is possible to reset the website data with a share link. When a user navigates to a /share/ URL, he receives a share token which is used for authentication. This token is later verified by useAuth. After the token is verified, the user can call most of the GET APIs that allow fetching stats about a website. The POST /reset endpoint is secured using canViewWebsite which is the incorrect verification for such destructive action. This makes it possible to completly reset all website data ONLY with view permissions.
Related ResourcesĀ (3)
https://github.com/umami-software/umami/commit/ec48a4e3250e9cefc481b339a90e6ceea6f1ec2b
https://github.com/umami-software/umami/security/advisories/GHSA-8www-cffh-4q98
https://github.com/umami-software/umami
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
HIGH
Subsequent System Availability
HIGH
CVSS v3
Base Score:
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH