iFixit.com fixes CSRF vulnerability

iFixit.com is very popular with geeks who are interested in hardware. On the website you can read up on different devices and learn how to repair broken things on your own, so you can save money and time and are not left without the device. For users interested in hardware the site is worth a visit, because you can learn a lot about hardware. Next to the forum, iFixit also runs a small online shop where you can buy things like hardware tools. We discovered two CSRF vulnerabilities that affected the cart. The CSRF token was not validated correctly, so an attacker would have been able to add products to other users' carts unnoticed or remove items from them.

We sent an email to the security team on 21 March 2013 and got an answer 5 hours later saying that the issue had been verified. We were told that they had switched to Varnish (a tool for caching HTML files) to reduce the server load. As a result every logged-out user received the same CSRF token, so there was no correct validation.
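As an added illustration (not code from iFixit or from the original post), the following Python sketch shows a session-bound CSRF token and a check that a response carrying such a token is marked non-cacheable, so a shared cache such as Varnish cannot hand the same token to every visitor. The secret key, the session id generator, the handler names and the form markup are constructed for this example.

```python
import hashlib
import hmac
import secrets

# Constructed server-side secret for this example; a real deployment loads it from config.
SECRET_KEY = b"example-only-secret-key"


def new_session_id() -> str:
    """Hypothetical session id generator; every visitor, logged in or not, gets their own."""
    return secrets.token_urlsafe(16)


def issue_csrf_token(session_id: str) -> str:
    """Derive the CSRF token from the visitor's session, so it differs per visitor."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def validate_csrf_token(session_id: str, submitted: str) -> bool:
    """Recompute the expected token for this session and compare in constant time."""
    return hmac.compare_digest(issue_csrf_token(session_id), submitted)


def render_cart_form(session_id: str) -> tuple[dict, str]:
    """Build the cart form plus headers that keep a shared cache from storing it."""
    token = issue_csrf_token(session_id)
    headers = {"Cache-Control": "private, no-store"}
    body = ('<form method="post" action="/cart/add">'
            f'<input type="hidden" name="csrf" value="{token}">'
            '</form>')
    return headers, body


def response_is_cache_safe(headers: dict, body: str) -> bool:
    """A response embedding a per-visitor token must not be cacheable by a shared cache."""
    if 'name="csrf"' not in body:
        return True  # no token in the page, so caching it is harmless for CSRF purposes
    cache_control = headers.get("Cache-Control", "").lower()
    return "no-store" in cache_control or "private" in cache_control


def handle_cart_add(session_id: str, submitted_token: str) -> str:
    """Server-side handler: reject the request unless the token matches this session."""
    if not validate_csrf_token(session_id, submitted_token):
        return "403 rejected"
    return "200 item added"
```

If the cache serves one visitor's page to another, the embedded token no longer matches the receiving session and the cart request is rejected instead of silently accepted.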

But they realised that caching the token this way is not a good idea for a product page, so they promised to fix it. In the same mail we were asked how we wanted to be listed in the responsible disclosure section and for an address to send a small thank-you gift. We sent them the information and, after some small delivery problems, received an iFixit t-shirt and a small toolkit. We say thank you for the nice communication and the gift,

The team of internetwache.org