Skip to content
This repository has been archived by the owner on Mar 29, 2022. It is now read-only.

SocialNetwork – Cross-Site Scripting (XSS) #84

Closed
bestshow opened this issue Mar 23, 2017 · 1 comment
Closed

SocialNetwork – Cross-Site Scripting (XSS) #84

bestshow opened this issue Mar 23, 2017 · 1 comment
Assignees
@andreas83 @bestshow
Labels
bug

Comments

@bestshow
Copy link

bestshow commented Mar 23, 2017
edited
Loading

Product: SocialNetwork
Download: https://github.com/andreas83/SocialNetwork
Vunlerable Version: v1.2.1 and probably prior
Tested Version: v1.2.1
Author: ADLab of Venustech

Advisory Details:
A Cross-Site Scripting (XSS) was discovered in “SocialNetwork v1.2.1”, which can be exploited to execute arbitrary code.
The vulnerability exists due to insufficient filtration of user-supplied data in the “mail” HTTP POST parameter passed to the “SocialNetwork-andrea/app/template/pw_forgot.php” URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
The exploitation example below uses the "alert()" JavaScript function to see a pop-up messagebox:
Poc:
Post: mail=" /><script>alert(1);</script><input type="text
To
http://localhost/.../SocialNetwork-andrea/app/template/pw_forgot.php
@andreas83 andreas83 self-assigned this Mar 23, 2017
@andreas83 andreas83 added the bug label Mar 23, 2017
andreas83 added a commit that referenced this issue Mar 23, 2017
@andreas83
Update pw_forgot.php
1b0799d 
 #84 XSS Prevention
@andreas83
Copy link
Owner

Should be fixed now, please confirm

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@andreas83 andreas83

@bestshow bestshow

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andreas83 @bestshow