This article addresses the scenarios which reflects a Cross-Site Request Forgery(CSRF) attack. The CSRF attack was viable by using a malicious HTML file.
For example the HTML code can change the user profile if the user is already logged to portal.
One way to prevent the CSRF attack would be to enable referer check. Referer check would match the Host header with the Referer Header in the request.
When referer check is set to no or false in following file /SYSTEM/conf/properties.xml cmsConfig.enableRefererCheck , then portal is exploitable.
Please use the following steps to address CSRF attack
1. Login into /admin
2. Navigate to /admin?action=list&path=/SYSTEM/conf
3. Edit the properties file to the following values if not set already
<Property name="cmsConfig.enableRefererCheck" value="true" />
<Property name="cmsConfig.clickjacking.security.enabled" value="true" />
<Property name="cmsConfig.clickjacking.security.frameoptions.default" value="SAMEORIGIN" />
4. Save the file and republish the file (click the green arrow)
5. As a quick test to see if the referer check is working correctly, you should not be able to navigate by cutting and pasting into the URL bar (for example, if you're at /admin?action=home then you can't cut and paste to get to /admin?action=list&path=/resources)
The 403 forbidden message would be shown.