Key Information Summary

Vulnerability Type
CSRF (Cross-Site Request Forgery)

Affected Endpoint
URL:
HTTP Method: POST
Vulnerable Parameter:

Reproduction Steps

1. Log in as an authenticated user
   - Access:
   - Username: admin
   - Password: Password@123
2. Use CSRF Proof of Concept (PoC)
   - Save the following HTML code as
3. Trigger CSRF Attack
   - Open the file in a browser where the victim is already logged in
   - The form automatically submits and sends the request
   - The backend processes the request and returns the matching record

Technical Evidence

HTTP Request Sent by PoC
- Contains a forged POST request simulating legitimate user actions

Response
- Confirms the request was accepted and executed successfully, with no CSRF protection or user interaction required

Impact

Attackers can create malicious web pages to perform actions without the logged-in user’s knowledge
- Unauthorized searches
- Viewing patient records
- If other endpoints (e.g., edit, delete, or update) lack CSRF protection, related attacks may be possible
- Poses risks to system confidentiality and integrity

Recommended Remediation

1. Implement CSRF tokens
2. Set SameSite cookies
3. Validate headers
4. Use frameworks with built-in CSRF protection

Author Information
Name: Vansh Shrivastava and Subhash Pawde
Discovery Date: June 27, 2023
Tools Used: Burp Suite Professional, Httrack, HTML PoC
Testing Environment: PRMS setup installed (PHP-based)
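
The first three items under Recommended Remediation, sketched in plain PHP as an added example (not code from PRMS or from the report authors). The function names, the csrf_token field name and the ALLOWED_ORIGIN value are assumptions chosen for illustration.

```php
<?php
declare(strict_types=1);
// Hypothetical shared include; all names here are illustrative, not from PRMS.
const ALLOWED_ORIGIN = 'https://prms.example.org'; // placeholder: the site's own origin

function start_secure_session(): void {
    // SameSite=Strict: the browser omits the session cookie on cross-site POSTs.
    session_set_cookie_params(['lifetime' => 0, 'path' => '/', 'secure' => true,
        'httponly' => true, 'samesite' => 'Strict']);
    session_start();
}

function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); // 256-bit per-session token
    }
    return $_SESSION['csrf_token'];
}

function csrf_field(): string {
    // Emit inside every state-changing or data-returning <form>.
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

function origin_is_trusted(array $server): bool {
    // Prefer Origin, fall back to Referer; absent or "null" values fail the parse check.
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    $parts = parse_url($source);
    if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    $origin = $parts['scheme'] . '://' . $parts['host']
        . (isset($parts['port']) ? ':' . $parts['port'] : '');
    return hash_equals(ALLOWED_ORIGIN, $origin);
}

function require_valid_csrf(): void {
    // Call before processing any POST; rejects forged or token-less requests.
    $sent = $_POST['csrf_token'] ?? '';
    $ok = is_string($sent)
        && isset($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $sent)
        && origin_is_trusted($_SERVER);
    if (!$ok) {
        http_response_code(403);
        exit('Request rejected: CSRF validation failed');
    }
}
```

Call start_secure_session() at the top of each page, output csrf_field() in each form, and call require_valid_csrf() at the start of every POST handler, including search endpoints that return records.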