v0.12 — Webhook + cron-endpoint hardening (3 sub-fixes) #108

New issue

Closed

opened 2026-05-26 18:23:41 +00:00 by jesse-a · 1 comment

jesse-a commented 2026-05-26 18:23:41 +00:00

Owner

Copy link

Severity: MEDIUM (v0.12 — pentest-rapport)

1. DocuSeal-webhook freshness-check — 5-min-window op t=…,v1=…- en <ts>.<sig>-signature-formaten tegen replay.
2. Mollie-webhook anti-spoof — bindt nu aan opgeslagen mollieId op het Invoice-record; metadata alleen niet meer voldoende om factuur op PAID te zetten.
3. Cron-endpoints: alleen POST + Authorization: Bearer-header (niet meer ?token= in query, die lekte via referrer/proxy-logs); timing-safe compare.
4. DocuSeal audit-log strip secret/signature-fingerprints om geen materiaal aan logs te leaken.

**Severity: MEDIUM** (v0.12 — pentest-rapport) 1. **DocuSeal-webhook freshness-check** — 5-min-window op `t=…,v1=…`- en `<ts>.<sig>`-signature-formaten tegen replay. 2. **Mollie-webhook anti-spoof** — bindt nu aan opgeslagen `mollieId` op het Invoice-record; metadata alleen niet meer voldoende om factuur op PAID te zetten. 3. **Cron-endpoints**: alleen POST + `Authorization: Bearer`-header (niet meer `?token=` in query, die lekte via referrer/proxy-logs); timing-safe compare. 4. **DocuSeal audit-log** strip secret/signature-fingerprints om geen materiaal aan logs te leaken.

jesse-a added the

fixed

security

severity-medium

labels 2026-05-26 18:23:41 +00:00

jesse-a commented 2026-05-26 18:23:41 +00:00

Author

Owner

Copy link

Opgelost in commit aa68ac1.

Opgelost in commit aa68ac1.

jesse-a closed this issue 2026-05-26 18:23:41 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

v1.0.0

v0.11

v0.10

v0.9

v0.8

v0.7

v0.6

v0.5

Labels

Clear labels   

deferred

Known issue, deferred

  

fixed

Resolved

  

security

Security review finding

  

severity-high

High severity

  

severity-low

Low severity

  

severity-medium

Medium severity

No labels

deferred

fixed

security

severity-high

severity-low

severity-medium

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

jesse-a/OpenCRM#108

No description provided.