Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Nickname" has a stored XSS vulnerability #52

Open
xfiftyone opened this issue Jul 6, 2021 · 2 comments
Open

"Nickname" has a stored XSS vulnerability #52

xfiftyone opened this issue Jul 6, 2021 · 2 comments
Labels

Comments

@xfiftyone
Copy link

Description

There is no escaping in the nickname field on the user list page,When viewing this page, the JavaScript code will be executed in the user's browser.

Impact Version

v1.03

Steps to Reproduce

1、Visit the profile page after logging in,http://xxx/user
2、Click on the nickname and insert the javascript code,test<img/src=x onerror=alert(1)>
3、Click save, the payload has been executed
image
The original request is as follows:

POST /admin/user/updateuser
name=Nickname&value=test%3Cimg%2Fsrc%3Dx+onerror%3Dalert(1)%3E&pk=300
@3xxx
Copy link
Owner

3xxx commented Jul 9, 2021

thank you,I will fix it.

@3xxx
Copy link
Owner

3xxx commented Jul 9, 2021

		value := c.Input().Get("value")
		value = template.HTMLEscapeString(value) //过滤xss攻击
                err = m.UpdateUser(id, name, value)

@3xxx 3xxx added the bug label Jul 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants