Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug Report: XSS Vulnerability in acp.php on FlatCore v1.4.6 #34

Closed
ghi5107 opened this issue May 24, 2017 · 5 comments

Comments

Projects
None yet
3 participants
@ghi5107
Copy link

commented May 24, 2017

Title: XSS Vulnerability in acp.php
Security: Low (visit acp.php as a administrator)
Software: https://codeload.github.com/flatCore/flatCore-CMS/zip/v1.4.6
code:
pages.edit_form.php:
flatcore xss

Reproduce: (get client cookie information)
http://localhost/fc/acp/acp.php/p3q7o'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eoqch8?tn=pages&sub=edit&editpage=2
xss

reference about XSS:
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

Discovered by: ghi from Huawei Weiran Labs

@ghi5107 ghi5107 changed the title XSS Vulnerability in acp.php on FlatCore v1.4.6 Bug Report: XSS Vulnerability in acp.php on FlatCore v1.4.6 May 25, 2017

@ghi5107

This comment has been minimized.

Copy link
Author

commented Jun 2, 2017

Do anyone confirm the issue??
I think xss vulnerabiltiy is harmful to administrator, attacker may steal information by enticing a administator to open a crafted web page.

@patkon

This comment has been minimized.

Copy link
Member

commented Jun 2, 2017

I'll fix that as soon as possible. I'm working on it.
Thanks for reporting.

@ghi5107

This comment has been minimized.

Copy link
Author

commented Jun 6, 2017

thanks for your response

@fgeek

This comment has been minimized.

Copy link

commented Jun 7, 2017

CVE-2017-9451 has been assigned for this vulnerability. You can add it to commit message and ChangeLog file, thanks.

patkon added a commit that referenced this issue Jun 7, 2017

Prevent XSS Vulnerability
Issue: Bug Report: XSS Vulnerability in acp.php on FlatCore v1.4.6 #34
@ghi5107

This comment has been minimized.

Copy link
Author

commented Jun 7, 2017

Verified, no longer work, thank you.

@ghi5107 ghi5107 closed this Jun 7, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.