SOLVED: Stored Cross site Scripting in "Site Name EN" parameter #1
Dear clarcj, Thanks for your report, which is very clear and professional. In this regard, this XSS is not a problem in itself. However, it is true that it is not clean to allow HTML inside "Site Name EN" and we will change real_escape_string in the code into nohtml_real_escape_string in the database save of this information. If you have any question on this matter, please feel free to discuss it further. Thanks, Gilles Boussin
I have committed the correction related to your post. Gilles
Thank you for the quick reply. Yeah, it is true. The admin has only had access to the administration module. However, input validation should be implemented in order to make it secure. If possible, use the htmlspecialchars() function when accepting input from the users; this will encrypt the HTML tags such as <> to &gt; and &lt;. You can see the reference link specified in the mitigation section for more details. This is the example use of htmlspecialchars() in PHP. You can close this subject.
Thanks, I do close it. FYI, there are various places in Smarty templates where we call |escape:'html' like in admin_liste_configuration: {$res.string|html_entity_decode_if_needed|escape:'html'}{$res.comment}
Vulnerability Name: Stored Cross-site Scripting in "Site Name EN*" Parameter
Vulnerability Description: An authenticated user can inject malicious JavaScript code into the "Site Name EN" field; thus many of the modules are affected by this, because the site name is visible in almost all of the modules.
Vulnerable URL: http://localhost/peel-shopping_9_1_0/administrer/sites.php
Please see the PoC below

Mitigation: The entire site is vulnerable to cross-site scripting attacks; input validation should be properly implemented.
References for Mitigation Vulnerability: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
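
The two defences discussed in this thread, stripping HTML when the site name is saved and encoding it when it is rendered, shown side by side as an added example that is not PEEL Shopping code. The function names are hypothetical, the sample inputs are constructed, and `strip_tags()` is only a stand-in for the project's `nohtml_real_escape_string()`, whose implementation is not shown on this page.

```php
<?php
// Added example; not PEEL Shopping code. Function names are hypothetical.

// Save-time defence: drop markup before the value is stored.
// strip_tags() stands in for the project's nohtml_real_escape_string(),
// whose implementation is not shown on this page (assumption).
function clean_site_name_for_storage(string $input): string
{
    return trim(strip_tags($input));
}

// Render-time defence: encode for the HTML context at every output point.
// ENT_QUOTES also encodes ' and ", which matters inside attribute values.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs for the "Site Name EN" field.
$samples = [
    'plain'      => 'My Shop',
    'markup'     => 'My <b>Shop</b>',
    'quote-only' => 'Shop" title="injected',  // no tags, so strip_tags() keeps it
    'ampersand'  => 'Tools & Parts',
];

foreach ($samples as $label => $raw) {
    $stored = clean_site_name_for_storage($raw);

    // Element content and attribute value both use the encoded form.
    $heading = '<h1>' . h($stored) . '</h1>';
    $input   = '<input name="site_name" value="' . h($stored) . '">';

    printf("%-10s stored:  %s\n", $label, $stored);
    printf("%-10s heading: %s\n", '', $heading);
    printf("%-10s input:   %s\n\n", '', $input);
}

// The quote-only sample passes the save-time filter unchanged; only the
// render-time encoding keeps it inside the value="" attribute.
$q = $samples['quote-only'];
if (clean_site_name_for_storage($q) !== $q || strpos(h($q), '"') !== false) {
    throw new RuntimeException('unexpected filtering result');
}
```

Run it with `php` on the command line: the `quote-only` row is the case that a save-time tag filter does not cover and that output encoding, such as the `|escape:'html'` modifier mentioned above, does.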