Key Vulnerability Information

Vulnerability Type: Cross-Site Request Forgery (CSRF)
Affected Product: Client Database Management System 1.0
Vendor: SourceCodester

Description
The endpoint accepts a parameter via POST and returns a JSON response indicating success or failure. The application lacks CSRF protection mechanisms, allowing attackers to craft malicious HTML pages that automatically send deletion commands to remove arbitrary users.

Steps to Reproduce
1. Log in as a Super Admin and view the list of users.
2. Create an HTML file that issues a POST request to delete users by their IDs.
3. Optionally, create a more aggressive HTML page that sends multiple deletion requests.
4. Open the malicious HTML file in a browser while authenticated as Super Admin.
5. Observe that all users are deleted from the system without any confirmation or user interaction.

Affected Component
- (server endpoint handling user deletion)
- Any web UI or admin panel that triggers deletion requests
- Session handling configuration

Attack Type: Remote

Impact
- Code Execution: True
- Denial of Service: True
- Escalation of Privileges: True

Attack Vectors
A remote attacker can trick an authenticated administrator into visiting a malicious web page containing hidden POST forms or JavaScript that automatically sends deletion requests to .

Recommended Mitigations
- Implement anti-CSRF tokens for all state-changing POST requests.
- Validate the Origin and Referer headers to ensure requests come from trusted domains.
- Require re-authentication or explicit confirmation before executing high-privilege actions.
- Enforce server-side authorization checks.
- Use secure cookie configurations ( or , and flags).
- Maintain audit logs for administrative actions.
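The following is an added, framework-agnostic illustration of the first four mitigations applied to a user-deletion handler; it is not code from the advisory or from the SourceCodester product. The trusted origin `https://admin.example.test`, the session/role field names and the `csrf_token` form field are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Assumed deployment host of the admin panel; adjust for the real site.
TRUSTED_ORIGINS = {"https://admin.example.test"}


def issue_csrf_token(session: dict) -> str:
    """Create (or reuse) an unguessable per-session token, kept server-side
    and embedded as a hidden field in every state-changing form."""
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def origin_is_trusted(headers: dict) -> bool:
    """Accept the request only if Origin (preferred) or, failing that, the
    Referer's scheme+host is on the allow-list. Header keys are assumed to be
    already normalised to 'Origin' / 'Referer'."""
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False  # no provenance at all: reject a state change
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin in TRUSTED_ORIGINS


def authorize_delete_user(method: str, headers: dict, form: dict,
                          session: dict) -> tuple[bool, str]:
    """Gate a user-deletion request. Every check here runs on the server
    before any row is touched; the browser cannot skip any of them."""
    if method != "POST":
        return False, "method not allowed"
    if not origin_is_trusted(headers):
        return False, "untrusted origin"
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    # Constant-time compare so token bytes cannot be leaked via timing.
    if not expected or not hmac.compare_digest(expected, supplied):
        return False, "missing or invalid CSRF token"
    # Server-side authorization: being logged in is not enough on its own.
    if session.get("role") != "super_admin":
        return False, "insufficient privileges"
    return True, "ok"
```

A cross-site page cannot read the token out of the victim's session and its requests carry a foreign Origin, so each forged deletion is refused before reaching the database.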