CVE-2023-34927

MEDIUM

Casdoor < 1.331.0 - Cross-Site Request Forgery via Password Reset Endpoint

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2023-34927. PoCs published by Van Lam Nguyen.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Casdoor v2.95.0, allowing an attacker to change the victim's password by tricking them into submitting a crafted form. The PoC bypasses the old password authentication step via a hidden form submission.

Description

Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL.

Exploits (3)

exploitdb WORKING POC
by Van Lam Nguyen · textwebappsmultiple
https://www.exploit-db.com/exploits/52439

This exploit demonstrates a CSRF vulnerability in Casdoor v2.95.0, allowing an attacker to change the victim's password by tricking them into submitting a crafted form. The PoC bypasses the old password authentication step via a hidden form submission.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Casdoor v2.95.0
Auth required
Prerequisites: Victim must be logged into the Casdoor Webapp · Attacker must trick the victim into visiting a malicious page
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Van Lam Nguyen · textwebappsmultiple
https://www.exploit-db.com/exploits/52432

This exploit demonstrates a CSRF vulnerability in Casdoor v2.55.0, allowing an attacker to change the victim's password by tricking them into submitting a crafted form. The PoC uses a hidden HTML form with JavaScript to automatically submit the request.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Casdoor v2.55.0 and below
Auth required
Prerequisites: Victim must be logged into the Casdoor Webapp · Attacker must trick the victim into visiting a malicious page
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Van Lam Nguyen · textwebappsgo
https://www.exploit-db.com/exploits/51961

This exploit demonstrates a CSRF vulnerability in Casdoor's /api/set-password endpoint, allowing an attacker to change a victim's password without their old password. The PoC uses a crafted HTML form with hidden inputs to submit a password change request.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Casdoor <= v1.331.0
Auth required
Prerequisites: Victim must be logged into the Casdoor Webapp · Attacker must trick the victim into visiting a malicious page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Issue Tracking, Third Party Advisory
https://github.com/casdoor/casdoor/issues/1531

Scores

CVSS v3 6.5
EPSS 0.0040
EPSS Percentile 61.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-352
Status published
Products (2)
casbin/casdoor < 1.331.0
casdoor/casdoor 0Go
Published Jun 22, 2023
Tracked Since Feb 18, 2026