CVE-2026-4971
Cross-Site Request Forgery in SourceCodester Note Taking App
Publication date: 2026-03-27
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sourcecodester | note_taking_app | 1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-4971 is a Cross-Site Request Forgery (CSRF) vulnerability in the SourceCodester Note Taking App version 1.0, specifically affecting the note deletion functionality at the endpoint `/note-taking-app/notes/delete.php?id=`.
The vulnerability occurs because the app performs a note deletion operation via a GET request without any CSRF token validation. This means an attacker can craft a malicious webpage that, when visited by an authenticated user, silently triggers the deletion of notes without the user's consent.
For example, a hidden image tag in an attacker-controlled webpage can cause the victim's browser to send a deletion request automatically, deleting a note identified by the `id` parameter.
How can this vulnerability impact me?
This vulnerability allows an attacker to delete any note belonging to an authenticated user without their knowledge or consent.
The impact includes unauthorized deletion of user data, leading to permanent loss of notes.
Attackers can exploit this via phishing or social engineering by tricking users into visiting malicious links or webpages.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for GET requests to the note deletion endpoint, `/note-taking-app/notes/delete.php?id=`. In the vulnerable version every such request performs a deletion with no CSRF check, so each one is a state change worth reviewing.
You can use network monitoring tools or web server logs to identify suspicious GET requests that perform state-changing operations.
Example commands to detect such activity include:
- Using grep on web server access logs to find deletion requests: `grep "/note-taking-app/notes/delete.php?id=" /var/log/apache2/access.log`
- Using tcpdump to capture HTTP GET requests to the vulnerable endpoint: `tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep "/note-taking-app/notes/delete.php?id="`
- Using curl or browser developer tools to manually test if the deletion endpoint accepts GET requests without CSRF tokens.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Change the note deletion operation to use POST requests instead of GET requests for all state-changing actions.
- Implement CSRF tokens on all state-changing requests and validate these tokens server-side before processing the request.
- Add the `SameSite` attribute to session cookies to reduce the risk of CSRF attacks.
- Review and update the application code to ensure that no state-changing operations are triggered by GET requests.
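The following hardened `delete.php` is an added example, not code from SourceCodester's app, showing the first three steps together: the handler accepts only POST, validates a per-session CSRF token, and marks the session cookie `SameSite=Strict`; it also scopes the delete to the caller's own rows, which addresses the CWE-862 side of the report. It assumes a PDO connection in `$pdo`, a `notes` table with `id` and `user_id` columns, and the logged-in user's id in `$_SESSION['user_id']`.

```php
<?php
// Added example (not SourceCodester's code): hardened replacement for a GET-based
// delete.php. Assumed: a PDO connection in $pdo, a `notes` table with `id` and
// `user_id` columns, and the logged-in user's id in $_SESSION['user_id'].
session_set_cookie_params([
    'httponly' => true,
    'secure'   => true,
    'samesite' => 'Strict',  // browser omits the cookie on cross-site requests
]);
session_start();

// One token per session, generated once and reused by every form.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Reject anything that is not a POST carrying a token matching the session's.
function require_valid_csrf(): void {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        http_response_code(405);
        header('Allow: POST');
        exit('Method Not Allowed');
    }
    $sent = $_POST['csrf_token'] ?? '';
    // hash_equals() compares in constant time, so the check does not leak timing.
    if (!is_string($sent) || !hash_equals(csrf_token(), $sent)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
}

if (empty($_SESSION['user_id'])) {
    http_response_code(401);
    exit('Login required');
}
require_valid_csrf();

$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
if ($id === false || $id === null) {
    http_response_code(400);
    exit('Bad note id');
}
// Scope the delete to the caller's own rows (the CWE-862 authorization check).
$stmt = $pdo->prepare('DELETE FROM notes WHERE id = :id AND user_id = :uid');
$stmt->execute([':id' => $id, ':uid' => $_SESSION['user_id']]);
header('Location: /note-taking-app/notes/index.php');
```

The delete form on the notes page must then POST the note id together with a hidden `csrf_token` field populated from `csrf_token()`, so a plain `<img>` or link on another site can no longer trigger the deletion.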
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthorized deletion of user notes via a Cross-Site Request Forgery (CSRF) attack, leading to potential permanent loss of user data.
Such unauthorized data manipulation and loss could impact compliance with data protection regulations like GDPR and HIPAA, which require ensuring data integrity and protecting user data from unauthorized access or alteration.
Specifically, the vulnerability undermines data integrity controls and could result in non-compliance with requirements to safeguard personal or sensitive information against unauthorized modification or deletion.