Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

XSS by using "onclick" #8000

Closed
Snowty opened this issue Dec 29, 2017 · 5 comments
Closed

XSS by using "onclick" #8000

Snowty opened this issue Dec 29, 2017 · 5 comments
Labels
Issue Stale (automatic label) This issue is stale because it has been open 1 year with no activity. Remove this label to keep open

Comments

@Snowty
Copy link

Snowty commented Dec 29, 2017

Bug

The xss filter in "htdocs/main.inc.php" is not enough, we can just use "onclick" and "onscroll" to bypass the filter,eg:
<div style="position:absolute;top:0;left:0;width:100%;height:100%" onclick="alert(52)"> ,
<body onscroll=alert(1)><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus>,
and then we can inject the arbitrary code in many input forms.

Poc

image

image

Fix

Add the "onclick"、"onscroll" in the black list, and escape the "<",etc.

@frederic34
Copy link
Contributor

frederic34 commented Feb 4, 2018

b2feac9

@fgeek
Copy link

fgeek commented Feb 22, 2018

@frederic34 should this issue be closed or are additional commits expected?

@github-actions
Copy link

github-actions bot commented Mar 1, 2020

This issue is stale because it has been open 1 year with no activity. If this is a bug, please comment to confirm it is still present on latest stable version. if this is a feature request, please comment to notify the request is still relevant and not yet covered by latest stable version. Without comment, this issue will be closed automatically by stale bot in 15 days.

@github-actions github-actions bot added the Issue Stale (automatic label) This issue is stale because it has been open 1 year with no activity. Remove this label to keep open label Mar 1, 2020
@Snowty Snowty closed this as completed Mar 2, 2020
@fgeek
Copy link

fgeek commented Mar 2, 2020

Is this properly fixed in some version? Which version contains the fix and which commits fixed this vulnerability, thank you?

@fgeek
Copy link

fgeek commented Mar 2, 2020

Ping @frederic34

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Issue Stale (automatic label) This issue is stale because it has been open 1 year with no activity. Remove this label to keep open
Projects
None yet
Development

No branches or pull requests

3 participants