VYPR
Moderate severity · NVD Advisory · Published Jun 3, 2022 · Updated Apr 15, 2025

easyii CMS out cross-site request forgery

CVE-2020-36534

Description

easyii CMS is vulnerable to Cross-Site Request Forgery (CSRF) in the logout endpoint /admin/sign/out, allowing remote attackers to force admin logout.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The easyii CMS (a Yii2-based content management system) contains a Cross-Site Request Forgery (CSRF) vulnerability in the logout functionality at /admin/sign/out. The endpoint does not check a CSRF token, so a request forged from another origin is accepted. All versions of easyii CMS released before any fix are affected (the issue was reported in GitHub issue #222 [2]). The vulnerability is classified as problematic; NVD has not yet provided a CVSS score [1].

Exploitation

An attacker can craft a malicious web page or email that, when visited by an authenticated administrator, triggers a logout request to /admin/sign/out. The attack requires no special privileges beyond the victim being logged into easyii CMS. The exploit has been publicly disclosed [2], and proof-of-concept code may be available.

Impact

Successful exploitation forces the administrator's session to be terminated, logging them out of the CMS. This is a denial-of-service (availability) impact on the admin session, but does not lead to data disclosure or privilege escalation. The attacker gains no direct access to the system, but can disrupt administrative operations.

Mitigation

As of the latest available references, no official patch has been released by the easyii CMS maintainers. The issue was reported in 2020 [2] and remains unaddressed. Users should consider implementing CSRF protection manually, such as adding CSRF tokens to the logout form, or using a web application firewall (WAF) to block cross-origin requests. The project appears to be inactive (last commit on GitHub [3] may be old), so a fix may not be forthcoming.
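The following is an added example written for this page; it is not easyii CMS code and does not reproduce the project's controller. It shows the two controls that together close a logout CSRF in a Yii2 application: restricting the action to POST (Yii2 only checks CSRF tokens on non-GET requests, so a logout that answers GET is never token-protected, whatever the token setting) and leaving Yii2's request-level CSRF validation enabled. The namespace, class name and route are assumptions chosen to mirror the /admin/sign/out path in the description.

```php
<?php
// Added example (not easyii CMS's own code): a Yii2 admin controller whose
// logout action is reachable only via POST and only with a valid CSRF token.
namespace app\controllers; // assumed namespace

use Yii;
use yii\filters\VerbFilter;
use yii\web\Controller;

class SignController extends Controller
{
    // Yii2 validates the CSRF token on every non-GET request when this is true.
    // It defaults to true; it is spelled out here so the intent is visible in review.
    public $enableCsrfValidation = true;

    public function behaviors()
    {
        return [
            'verbs' => [
                'class' => VerbFilter::class,
                'actions' => [
                    // A plain GET to /admin/sign/out now answers 405 Method Not Allowed,
                    // so a link or <img src> on a third-party page cannot trigger it.
                    'out' => ['post'],
                ],
            ],
        ];
    }

    public function actionOut()
    {
        // Only reached for a POST whose _csrf field matches the token bound to
        // the session; otherwise Yii2 raises BadRequestHttpException (400)
        // before this method runs.
        Yii::$app->user->logout();
        return $this->goHome();
    }
}
```

In the admin layout, render the logout control as a form rather than a link: `Html::beginForm(['sign/out'], 'post') . Html::submitButton('Log out') . Html::endForm()`. With request-level CSRF validation enabled, `Html::beginForm` appends the hidden `_csrf` input itself, so the view needs no extra code. A WAF rule that rejects cross-origin POSTs to the admin path is a reasonable compensating control for an unpatched deployment, but it does not replace the POST-plus-token check in the application.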

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: noumo/easyii (Packagist)
Affected versions: <= 0.9
Patched versions: none listed

Affected products: 2

Patches: 0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics are only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 4

News mentions: 0

No linked articles in our index yet.