Arbitrary Password Reset Found in student/personal.jsp

I found a arbitrary password reset in student/personal.jsp.
When a user modify its information, here is not a check about who it is, and calls update_student_security, updates database columns just according to id user controlled.
<img width="502" alt="image" src="https://github.com/Hui4401/StudentManager/assets/56333292/526cca09-0aaf-4bcf-99d0-10b2712d0660">
When a hacker modify uid to someone's uid, someone's information and password can be resetted as what hacker wants.
Following images are the information not modified, and I login as 20162430635.
![image](https://github.com/Hui4401/StudentManager/assets/56333292/8c1fbca7-86de-42c8-b97b-2521cfda0f2a)
![image](https://github.com/Hui4401/StudentManager/assets/56333292/d6602c60-6d9a-4d04-8bd1-05fbfda1431e)
I modify the id to 20162430636, and send the package, user-36's information is modified.
![image](https://github.com/Hui4401/StudentManager/assets/56333292/6629c626-e92b-4978-bdd0-109408bb175c)
![image](https://github.com/Hui4401/StudentManager/assets/56333292/4541a608-8775-4487-8c07-d629cf16d975)




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Arbitrary Password Reset Found in student/personal.jsp #9

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Arbitrary Password Reset Found in student/personal.jsp #9

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions