anjoy8 / christddd Goto Github PK

Summary

ChristDDD is vulnerable to Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) that may lead to the elevation of privileges and per-user denial of service (DoS).

Details

Issue 1: XSS (CVE-2018-0784)

The application doesn't have the fix for CVE-2018-0784 that was found in ASP.NET Core templates. It is vulnerable to XSS if the logged-in user is tricked into clicking a malicious link like https://localhost:44315/manage/EnableAuthenticator?AuthenticatorUri=%22%3E%3C/div%3E%00%00%00%00%00%00%00%3Cscript%3Ealert(%22XSS%22)%3C/script%3E and enters an invalid verification code. Mode details are available in the blog post.

Impact

This issue may lead to the elevation of privileges.

Remediation

Modify the code according to the instructions from the advisory.

Issue 2: CSRF (CVE-2018-0785)

The application doesn't have the fix for CVE-2018-0785 that was found in ASP.NET Core templates. It is vulnerable to CSRF. A logged-in user with enabled Second Factor Authentication (2FA) may lose their recovery codes if they are tricked into clicking a link like https://localhost:44315/manage/GenerateRecoveryCodes or visit a malicious site that makes the request without the user's consent. As a result the user may be permanently locked out of their account after loosing access to their 2FA device, as the initial recovery codes would no longer be valid.

Impact

This issue may lead to the per-user DoS.

Remediation

Modify the code according to the instructions from the advisory.

请大佬提供一份SQL数据库文件

Hi, how could I report a potential security vulnerability in the project?

示例太简单了，没法体现ddd原则和优点

前端状态管理就是数据状态通过action来管理，能够回放。
reduce state 就是处理状态，真的是太像了

项目里只看到了值对象，实体的定义，却没有看到聚合根IAggregateRoot接口的定义。
为什么？