Product: ATutor
Download: https://github.com/atutor/ATutor
Vulnerable Version: 2.2.2 and probably prior
Tested Version: 2.2.2
Author: ADLab of Venustech
Advisory Details:
Cross-Site Scripting (XSS) was discovered in "ATutor 2.2.2", which can be exploited to execute arbitrary JS code.
The parameter "url" in the file /ATutor/mods/_standard/rss_feeds/edit_feed.php is unsafe; we can bypass the XSS filter. An attacker could execute arbitrary JS code in a browser in the context of the vulnerable website.
The exploitation examples below use the "alert()" JavaScript function to see a pop-up message box:
The PoC is: =file%3A%2F%2F%2Fetc%2Fpasswd+%3C%3E%3Cimg+src%3Dxx+onerror%3Dalert%281%29%3E
@atutor
I am providing more details about this vulnerability.
Step 1: In the file /ATutor/mods/_standard/rss_feeds/edit_feed.php, while adding a news feed, the parameter "url" is "file%3A%2F%2F%2Fetc%2Fpasswd+%3C%3E%3Cimg+src%3Dxx+onerror%3Dalert%281%29%3E"
Issue has now been resolved at: 9292360
Given it is a relatively minor issue, we will release this fix in the next release (2.2.3) rather than posting a patch. Mention it's fixed in 2.2.3, or point to the git commit for the fix for earlier versions, in your report.
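One way to handle the "url" value defensively, as an added example that is not from this thread and is not the fix in commit 9292360. The helper names validate_feed_url() and h() and the http/https allowlist are assumptions made here; the code validates the decoded value on input and HTML-encodes it wherever it is echoed back.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helpers, not ATutor code.

/** Return the URL if it is an acceptable feed location, or null. */
function validate_feed_url(string $raw): ?string
{
    $url = trim($raw);

    // Reject control characters, whitespace, quotes and angle brackets outright;
    // a well-formed URL carries these only in percent-encoded form.
    if ($url === '' || preg_match('/[\x00-\x20\x7f"\'<>`]/', $url)) {
        return null;
    }

    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }

    // Scheme allowlist: file://, javascript:, data: and the rest are refused.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }

    return $url;
}

/** Encode a value for an HTML text or quoted-attribute context. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed input: the "url" value from the report, as PHP sees it after decoding.
$poc = urldecode('file%3A%2F%2F%2Fetc%2Fpasswd+%3C%3E%3Cimg+src%3Dxx+onerror%3Dalert%281%29%3E');

foreach ([$poc, 'file:///etc/passwd', 'https://example.org/feed.xml'] as $candidate) {
    $ok = validate_feed_url($candidate);
    // Whatever the outcome, anything echoed back into the page is encoded.
    printf("%-8s %s\n", $ok === null ? 'rejected' : 'accepted', h($candidate));
}
```

Input validation alone is not the control for XSS here: the encoding step in h() is what keeps a stored or reflected value from being parsed as markup, and it applies even to values that passed validation.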