Web application misconfiguration in messaging function. This vulnerability results in a user’s messages being automatically sent to all other users. This results in the user’s information potentially being exposed
link video Poc
https://drive.google.com/file/d/1eXQXJAeIJ0KVWAKRUeBtvgNZzHW_3la_/view?usp=sharing
1 . Login to admin account with chorme browser and login to demo account with another browser
2 . Using demo account send message to admin then intercept request with burpsuite and send request to burp repeater for editing
3 . Then fix the contact_id value with 3 , which is the id value of the demo account, let the demo account send messages to itself
4 . After sending a message to yourself, when the demo account sends a message to a certain user, the system will automatically send a message to all users.