Bludit 3.16.1 fails to prevent malicious admin actions

CVE-2026-27741 (CVSS 4.0 score 5.1)
Summary

An attacker who lures a logged-in Bludit administrator to a web page under the attacker's control can have the administrator's browser silently send requests to /admin/uninstall-plugin/ or /admin/install-theme/, uninstalling plugins or installing an attacker-supplied theme without the administrator's knowledge. Since a malicious theme can carry untrusted code that the server then executes, the impact goes beyond lost functionality to possible compromise of the site. The root cause is that these endpoints accept state-changing requests without an anti-CSRF token or any validation of where the request came from. No fixed version is listed at the time of writing; check with the vendor for an update that adds CSRF protection to these endpoints.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
Vendor   Product   Affected versions   Fix available
bludit   bludit    3.16.1              –
Original title
Bludit version 3.16.1 contains a cross-site request forgery (CSRF) vulnerability in the /admin/uninstall-plugin/ and /admin/install-theme/ endpoints. The application does not implement anti-CSRF to...
Original description
Bludit version 3.16.1 contains a cross-site request forgery (CSRF) vulnerability in the /admin/uninstall-plugin/ and /admin/install-theme/ endpoints. The application does not implement anti-CSRF tokens or other request origin validation mechanisms for these administrative actions. An attacker can induce an authenticated administrator to visit a malicious page that silently submits crafted requests, resulting in unauthorized plugin uninstallation or theme installation. This may lead to loss of functionality, execution of untrusted code via malicious themes, and compromise of system integrity.
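The two controls the description says are absent, an anti-CSRF token bound to the session and a check of the request's origin, are easiest to see in a minimal server-side handler. The block below is an added example written for this page; it is not Bludit's code (Bludit is a PHP application) and does not reflect how Bludit's admin panel is implemented. The site origin, the session identifier, the form field name csrf_token and the sample requests are all constructed assumptions. The handler refuses a forged cross-site POST, refuses a GET against a state-changing endpoint, and accepts a same-origin POST carrying the session's token.

```python
"""Server-side CSRF defence for state-changing admin endpoints: a per-session
token that must be echoed in the form body, plus an Origin/Referer check.
Requests are plain dicts so the module runs offline. Added example, not
Bludit's own code; names and values below are assumptions."""
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "https://blog.example"  # assumed origin of the protected site
PROTECTED_PATHS = ("/admin/uninstall-plugin/", "/admin/install-theme/")
_SECRET = secrets.token_bytes(32)  # server-side key; tokens die with the process


def csrf_token_for(session_id):
    """Derive a token bound to one session, so a token leaked from another
    user's session cannot be replayed against this one."""
    return hmac.new(_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def _origin_allowed(headers):
    """Accept only requests the browser attributes to our own origin.
    Origin is preferred; Referer is the fallback; with neither present the
    request is rejected, since a cross-site form POST normally carries Origin."""
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin == SITE_ORIGIN


def handle_admin_request(req):
    """Dispatch a parsed admin request and return (status, message).

    req = {"method", "path", "headers", "form", "session_id"}; session_id
    stands in for the session cookie the browser attaches automatically,
    which is exactly why the cookie alone cannot prove intent."""
    if req["path"] not in PROTECTED_PATHS:
        return 404, "unknown endpoint"
    if req["method"] != "POST":
        return 405, "state-changing actions require POST"
    if not _origin_allowed(req["headers"]):
        return 403, "cross-origin request rejected"
    expected = csrf_token_for(req["session_id"])
    supplied = req["form"].get("csrf_token", "")
    if not hmac.compare_digest(expected, supplied):
        return 403, "missing or invalid CSRF token"
    action = "uninstalled plugin" if "uninstall" in req["path"] else "installed theme"
    return 200, f"{action} {req['form'].get('name', '?')}"


def demo():
    """Constructed requests: a legitimate same-origin POST with a valid token,
    the same endpoint hit from an attacker's page (cookie present, no token,
    foreign Origin), and a GET with a valid token. Returns status by label."""
    sid = "sess-abc123"  # constructed session identifier
    good = {"method": "POST", "path": "/admin/uninstall-plugin/",
            "headers": {"Origin": SITE_ORIGIN},
            "form": {"name": "example-plugin", "csrf_token": csrf_token_for(sid)},
            "session_id": sid}
    forged = {"method": "POST", "path": "/admin/install-theme/",
              "headers": {"Origin": "https://attacker.example"},
              "form": {"name": "evil-theme"},
              "session_id": sid}  # the admin's cookie rides along regardless
    get_attempt = {"method": "GET", "path": "/admin/uninstall-plugin/",
                   "headers": {"Origin": SITE_ORIGIN},
                   "form": {"name": "example-plugin", "csrf_token": csrf_token_for(sid)},
                   "session_id": sid}
    return {label: handle_admin_request(r)[0]
            for label, r in (("good", good), ("forged", forged), ("get", get_attempt))}


if __name__ == "__main__":
    print(demo())
```

Either control on its own would already block the forged request in demo(); checking both is the usual recommendation because Origin and Referer can be stripped by some proxies and privacy settings, while a token alone depends on every state-changing form being wired to send it. Note that this is a reference pattern, not a patch for Bludit.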
CVSS 3.1 (NVD): 4.3
CVSS 4.0 (NVD): 5.1
Vulnerability type
CWE-352 Cross-Site Request Forgery (CSRF)
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026