I'm not sure I understand what's going on here: The "vulnerability" is that "X-Forwarded-For" can be manipulated by the client?VI. DESCRIPTION ------------------------- "X-Forwarded-For" is a HTTP header used to carry the client's original IP address. However, because these headers may very well be added by the client to the requests, if the systems/devices use IP addresses which decelerate at X-Forwarded-For header instead of original IP, various issues may be faced. If the data originating from these fields is trusted by the application developers and processed, any authorization checks originating IP address logging could be manipulated.
VII. PROOF OF CONCEPT ------------------------- Affected Component: Wordpress core Affected version Wordpress 5.1 -Add X-Forwarded-For header to the /wp-admin -You will get an error about your IP -Next go /wp-admin/admin-ajax.php and add X-Forwarded-For header again
This doesn't make any sense.There is nothing on Wordpress' website ( https://wordpress.org/news/category/security/ ) about an issue like this one, nor on the mitre's website ( https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35539 ).
Can you please elaborate on this issue? _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/