Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

xss_2 #130

Open
xjzzzxx opened this issue Jul 15, 2024 · 1 comment
Open

xss_2 #130

xjzzzxx opened this issue Jul 15, 2024 · 1 comment

Comments

@xjzzzxx
Copy link

xjzzzxx commented Jul 15, 2024

Hello,

I would like to report for a XSS vulnerability in gazelle commit 63b3370

In file https://github.com/WhatCD/Gazelle/blob/master/sections/tools/managers/enable_requests.php

<input type="hidden" name="view" value="<?=$_GET['view']?>" />  // Line 159
<td><input type="text" name="username" value="<?=$_GET['username']?>" /></td> // Line 164
...
// There are still many unchecked outputs

Source from $_GET['view'] without any filtering or checking which resulting in XSS.

Poc

GET sections/tools/managers/enable_requests.php?view=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22

Manual verification

2_0

2

BTW,cms.gazelle.com in local(changes hosts)

@aaronhenderson
Copy link

Only affects staff and FLS so shouldn't really be any greater of a problem than tracking cookies, session fixation and standard grand theft auto really. Why haven't you submitted a pull request with an appropriate patch / fix?

Anyway; nice to see the projects not completely dead in the www, even if all the permissible use cases were fulfilled many years ago with private patches; still a really good framework to adopt as something worth understanding, learning and supporting none of the less.

Not worth being pirated over though sadly which is a real thing in many paradigms; californication, moderation and carole voldermolt.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants