I skimmed over the codebase and came across a few issues that need to be addressed:
Authentication: I noticed we are using UUID v1 to generate authentication tokens (/server/src/models/data/AuthDb.ts:40). Tokens generated by UUID v1 are meant to be unique, not secure (read: unguessable). For the most part, they are a combination of the MAC address and current timestamp. That makes it weak for session management purposes. Some other cryptographically secure function will do the job: Stackoverflow says crypto-js is good.
Input sanitization: The controller methods are feeding on the user-supplied data with trust, i.e. parsing them as numbers or JSON objects, querying the database with it, etc. A malicious user might be able to exploit this to cause a bunch of serious problems.
Access control: I broadly understand how access roles have been set up in this web app but I might be wrong here. With current permissions, a subscriber/author can create an admin account, log in to the new admin account, delete the original admins and "take over" the application. Might be worth looking into.
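The three points in the issue above, shown side by side in a small TypeScript module. This is an added illustration and not code from the project's repository: the type names `Role` and `User`, the functions `generateAuthToken`, `isUuidV1`, `parseNumericId` and `createAccount`, and the 32-byte token length are assumptions made for the example. Token generation uses Node's `crypto.randomBytes` (OS-backed CSPRNG) instead of a UUID v1, the id parser rejects anything that is not a canonical decimal integer rather than trusting `Number()`/`parseInt()`, and the account-creation path refuses to mint an admin unless the caller is already one.

```typescript
import { randomBytes } from 'node:crypto';

// Added example, not the project's own code. Names below are assumptions.
export type Role = 'subscriber' | 'author' | 'admin';

export interface User {
  id: number;
  role: Role;
}

// 1. Authentication token: 32 bytes from the OS CSPRNG, hex-encoded (64 chars).
//    Every bit is unpredictable, unlike a UUID v1 built from a timestamp and
//    the node's MAC address, which an attacker can narrow down or guess.
export const TOKEN_BYTES = 32;

export function generateAuthToken(): string {
  return randomBytes(TOKEN_BYTES).toString('hex');
}

// Detector for the UUID v1 layout: the version nibble (first hex digit of the
// third group) is 1. Useful as a regression check that no v1 token is issued.
export function isUuidV1(token: string): boolean {
  return /^[0-9a-f]{8}-[0-9a-f]{4}-1[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(token);
}

// 2. Input validation: accept only the canonical decimal form of a safe
//    non-negative integer. Number('') is 0, Number(' 12 ') is 12 and
//    parseInt('12abc') is 12, so a plain conversion silently accepts junk;
//    the regex rules out whitespace, signs, leading zeros and trailing text.
export function parseNumericId(raw: unknown): number | null {
  if (typeof raw !== 'string' || !/^(0|[1-9][0-9]*)$/.test(raw)) return null;
  const n = Number(raw);
  return Number.isSafeInteger(n) ? n : null;
}

// 3. Access control: the privilege of the *caller* decides what may be
//    created. A subscriber or author can never produce an admin account.
export class ForbiddenError extends Error {}

export function createAccount(actor: User, requestedRole: Role, nextId: number): User {
  if (requestedRole === 'admin' && actor.role !== 'admin') {
    throw new ForbiddenError(`role '${actor.role}' may not create an admin account`);
  }
  return { id: nextId, role: requestedRole };
}
```

In a controller the pattern is: read the caller's role from the session record keyed by the random token, run every path or body parameter through a strict parser such as `parseNumericId` before it touches a query, and gate privileged writes on the caller's role rather than on what the request asks for.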