Hi,
the issue is located in the set_cat_permalink function. The special "xss permalink" is detected as a bad permalink and so the function return immediately with an error message.
This is exactly at this point that the XSS occurs, the $permalink variable is displayed with an error message without escaping, which leads to the XSS.
A simple html_entities fix the issue. PR coming soon.
cpol0
pushed a commit
to cpol0/Piwigo
that referenced
this issue
Apr 19, 2021
Hi team!
I found a XSS in XSS in /admin.php?page=permalinks
Exploit Request:
PoC:


The text was updated successfully, but these errors were encountered: