Admin page Stored Cross-site Scripting (XSS) #459
Comments
CVE-2018-8832 is assigned

This was fixed with the new UI upgrade #611

@gseidel, could you please point out which file was vulnerable?

@NicoleG25 The problem was the file The configuration set the return value as HTML-safe (the rendering engine, Twig, escapes dynamic values by default), which is not true for rendering the table grid, because it contains unsafe user values. The

Thank you!
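The cause described in the comment above (a Twig function whose return value is declared HTML-safe even though it embeds unescaped user values) is illustrated below with an added example; this is not enhavo's code. The `grid_cell` function, the template, and the stored value are assumed and constructed for the demonstration, since the thread does not give the vulnerable file or the original payload. It assumes Twig is installed via `composer require twig/twig`.

```php
<?php
// Added example, not enhavo's own code: a Twig function declared
// html-safe bypasses autoescaping for everything it returns, so any
// user value it concatenates into markup reaches the browser verbatim.
// Assumes: composer require twig/twig (Twig 2 or 3), PHP >= 7.2.
require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Loader\ArrayLoader;
use Twig\TwigFunction;

// Constructed sample row, standing in for a value an authenticated user
// stores through the admin UI (for example a user group name).
$row = ['name' => '<script>alert(1)</script>', 'role' => 'editor'];

// Vulnerable pattern (hypothetical name grid_cell): the function builds
// a table cell from the raw stored value and is registered with
// is_safe => html, so Twig's autoescaper trusts the whole return value.
$vulnerableCell = new TwigFunction('grid_cell', function (array $row, string $key): string {
    return '<td>' . $row[$key] . '</td>';
}, ['is_safe' => ['html']]);

// Hardened pattern: is_safe is only justified when the function itself
// escapes every dynamic value before mixing it with its own markup.
$hardenedCell = new TwigFunction('grid_cell', function (array $row, string $key): string {
    $escaped = htmlspecialchars((string) $row[$key], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<td>' . $escaped . '</td>';
}, ['is_safe' => ['html']]);

// Grid template with autoescaping on; the cell function decides whether
// the stored value is escaped or not.
$template = '<table>{% for row in rows %}<tr>'
    . '{{ grid_cell(row, "name") }}{{ grid_cell(row, "role") }}'
    . '</tr>{% endfor %}</table>';

// Render the grid with a given cell function in a fresh environment.
function renderGrid(TwigFunction $cellFn, array $rows, string $template): string
{
    $twig = new Environment(
        new ArrayLoader(['grid.html.twig' => $template]),
        ['autoescape' => 'html']
    );
    $twig->addFunction($cellFn);
    return $twig->render('grid.html.twig', ['rows' => $rows]);
}

echo "Vulnerable render:\n", renderGrid($vulnerableCell, [$row], $template), "\n\n";
echo "Hardened render:\n", renderGrid($hardenedCell, [$row], $template), "\n";
```

The first render emits the stored `<script>` element unchanged inside the `<td>`, which is the stored XSS the issue reports; the second emits it entity-encoded, so the browser shows the text instead of executing it. The escaping must match the output context: `htmlspecialchars` with `ENT_QUOTES` is correct for element text and quoted attribute values, but a value placed into a JavaScript block or a URL needs the corresponding Twig `escape` strategy (`js`, `url`) instead.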
Summary
enhavo CMS has an XSS security issue on the admin page.
An authorized attacker can inject any kind of JavaScript, and it is executed in an authorized victim's browser without any inducement.
Reproduction
Here is how to reproduce this issue.
Then you find that a dialog appears and the XSS triggers.
Payloads
Set the Usergroup as follows.
Event