You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<input type="hidden" name="view" value="<?=$_GET['view']?>" /> // Line 159
<td><input type="text" name="username" value="<?=$_GET['username']?>" /></td> // Line 164
...
// There are still many unchecked outputs
Source from $_GET['view'] without any filtering or checking which resulting in XSS.
Poc
GET sections/tools/managers/enable_requests.php?view=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22
Manual verification
BTW,cms.gazelle.com in local(changes hosts)
The text was updated successfully, but these errors were encountered:
Only affects staff and FLS so shouldn't really be any greater of a problem than tracking cookies, session fixation and standard grand theft auto really. Why haven't you submitted a pull request with an appropriate patch / fix?
Anyway; nice to see the projects not completely dead in the www, even if all the permissible use cases were fulfilled many years ago with private patches; still a really good framework to adopt as something worth understanding, learning and supporting none of the less.
Not worth being pirated over though sadly which is a real thing in many paradigms; californication, moderation and carole voldermolt.
Hello,
I would like to report for a XSS vulnerability in gazelle commit 63b3370
In file https://github.com/WhatCD/Gazelle/blob/master/sections/tools/managers/enable_requests.php
Source from
$_GET['view']
without any filtering or checking which resulting in XSS.Poc
GET sections/tools/managers/enable_requests.php?view=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22
Manual verification
BTW,cms.gazelle.com in local(changes hosts)
The text was updated successfully, but these errors were encountered: