OUPMATH / OxfrodMaths_Prod


9. Duplication of records leading to ambiguity #70

Open mayank2k2 opened 7 years ago

mayank2k2 commented 7 years ago

Security Testing focal points

1) While analysing some part of the business logic, we found that an adversary could add a duplicate record of a teacher with the same mail id and name using an admin account, which makes it vulnerable to a business logic flaw. This would lead to ambiguity in the records when the forgot password functionality comes into action. Screencast for reference: https://www.screencast.com/t/rGfkqMscyt

Steps to reproduce:
a) Login using an admin account
b) Click on class and then select create new teacher
c) Add two teachers with the same mail id and details
d) View and observe them using advanced search

2) We also found the application to be vulnerable to Cross-Site Request Forgery, one of the critical flaws on the OWASP Top 10 list.

Details: When a new user logs in to the application for the first time, it throws a screen requiring the user to change their password. An adversary can create an HTML page with the same parameters manually or with the help of a tool named CSRFTester. Further, using social engineering techniques, this link can be shared with the victim user. The nature of this vulnerability would allow the adversary to trick the victim into clicking the link and changing the password without the victim's knowledge, thus making the application vulnerable.

Steps to reproduce:
1) Log in to a new account
2) Fill in all the details
3) Open CSRFTester, start recording the particular request, then click on generate HTML and save the file
4) Create another new account and move to the change default password page
5) Now open the HTML page created above using CSRFTester in the same browser and observe that on the first click itself, the password will change automatically.
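The two findings above, modelled as an added example (this is not code from OxfordMaths_Prod and makes no claim about how that application is implemented): a toy in-memory app whose `create_teacher` refuses a second record with the same e-mail, and whose change-password handler is shown twice, once accepting any POST that carries a session cookie (what an auto-submitting page such as one generated by CSRFTester sends) and once checking the `Origin` header and a per-session synchronizer token. `APP_ORIGIN`, the `Request` class, the `tNNNN` auto-generated usernames and the assumption that the browser attaches the session cookie to a cross-site form POST (no SameSite protection) are all assumptions of this example.

```python
# Added example, not OxfordMaths_Prod code. Assumes: the app is served from
# APP_ORIGIN, usernames are auto-generated, and the browser attaches the
# session cookie to a cross-site POST (classic CSRF precondition).
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

APP_ORIGIN = "https://oxfordmaths.example"  # assumed origin of the application


@dataclass
class Request:
    """Constructed stand-in for an HTTP request reaching the app."""
    method: str
    session_id: str        # session cookie the browser attaches automatically
    form: dict             # POSTed form fields
    origin: Optional[str]  # Origin header; None if the browser sent none


class App:
    def __init__(self):
        self.sessions = {}   # session_id -> {"user": str, "csrf": str}
        self.passwords = {}  # username -> password
        self.teachers = []   # records: {"username", "name", "email"}

    # ---- Issue 1: duplicate teacher records ------------------------------
    def create_teacher(self, name, email):
        """Refuse a second record with the same e-mail (case-insensitive)."""
        key = email.strip().lower()
        if any(t["email"] == key for t in self.teachers):
            raise ValueError(f"teacher with e-mail {email!r} already exists")
        username = f"t{len(self.teachers) + 1:04d}"  # assumed auto-generated
        self.teachers.append({"username": username, "name": name, "email": key})
        return username

    def lookup_by_email(self, email):
        """What a forgot-password flow does; unambiguous only if e-mails are unique."""
        key = email.strip().lower()
        return [t["username"] for t in self.teachers if t["email"] == key]

    # ---- Issue 2: change default password --------------------------------
    def login(self, user, password="default"):
        """First login: create a session and a random per-session CSRF token."""
        self.passwords.setdefault(user, password)
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
        return sid

    def csrf_token(self, sid):
        """Token the server embeds as a hidden field in its own form."""
        return self.sessions[sid]["csrf"]

    def change_password_vulnerable(self, req):
        """Accepts any POST with a valid session cookie: CSRF-able."""
        sess = self.sessions.get(req.session_id)
        if req.method != "POST" or sess is None:
            return 401
        self.passwords[sess["user"]] = req.form["new_password"]
        return 200

    def change_password_hardened(self, req):
        """Same handler with an Origin check plus a session-bound token check."""
        sess = self.sessions.get(req.session_id)
        if req.method != "POST" or sess is None:
            return 401
        if req.origin != APP_ORIGIN:  # a cross-site POST carries the attacker's origin
            return 403
        token = req.form.get("csrf_token", "")
        if not hmac.compare_digest(token, sess["csrf"]):  # attacker cannot read this
            return 403
        self.passwords[sess["user"]] = req.form["new_password"]
        return 200


def demo():
    """Run both findings end to end and return what each handler did."""
    app = App()
    app.create_teacher("A. Teacher", "teacher@example.org")
    try:
        app.create_teacher("A. Teacher", "Teacher@Example.org")
        duplicate_rejected = False
    except ValueError:
        duplicate_rejected = True
    matches = app.lookup_by_email("teacher@example.org")

    sid = app.login("newuser")  # victim is logged in with the default password
    forged = Request("POST", sid, {"new_password": "attacker-chosen"},
                     origin="https://evil.example")  # attacker page auto-submits
    vuln = (app.change_password_vulnerable(forged), app.passwords["newuser"])
    app.passwords["newuser"] = "default"  # reset for the hardened run
    hard = (app.change_password_hardened(forged), app.passwords["newuser"])
    legit = Request("POST", sid, {"new_password": "user-chosen",
                                  "csrf_token": app.csrf_token(sid)}, origin=APP_ORIGIN)
    ok = (app.change_password_hardened(legit), app.passwords["newuser"])
    return {"duplicate_rejected": duplicate_rejected, "matches": matches,
            "vulnerable": vuln, "hardened_forged": hard, "hardened_legit": ok}


if __name__ == "__main__":
    print(demo())
```

The forged request reaches the vulnerable handler with the victim's session cookie and no token, so the password changes on the first click exactly as described in step 5; the hardened handler rejects it on the Origin check and would also reject it on the token check, while the app's own form, which carries the token and is posted from the app's origin, still succeeds.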

VrandaNagar commented 7 years ago

Hi Mayank, I had some queries regarding this. Issue #1: We have tried reproducing the issue and landed on the conclusion that the same email Id and name cannot create an ambiguity in the records, until there is a unique auto-generated username present for each record. Thanks! Vranda