XSS Vulnerability #896
Labels
Comments
|
Yes I do remember we have discussed it by email and I also cannot reproduce it locally or on my testing server: Weird issue :( |
|
PHP version or extension related? |
|
This isn't a CMS install. There is no FPA report to be generated. All of the code on the server can be found in this repository or installed via |
|
OK. I was interested in the PHP and PHP-extensions part only anyway |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm making an executive decision to publicly disclose this known XSS vulnerability, before anyone else comments on that aspect of things.
Originally reported in September 2015 and again sometime in 2016 by
CYBER WARR?OR BUG RES. - AaCcTtandKenan Genç - ZerOneThe
search-userparameter used on the/usersroute is vulnerable to XSS, confirmable viahttps://issues.joomla.org/users?search-user=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt(1)%3E.This issue has ONLY been confirmed on the live hosting server. I cannot replicate this in my local environment nor on other hosting platforms I have deployed the tracker to specifically to validate this.
I can independently confirm that there is not a higher level vulnerability in the Joomla! Framework. https://issues.joomla.org/xte.php demonstrates this, the script that is executed can be found at https://gist.github.com/mbabker/423302220d26769a169bf56506e7ae5a.
I am making this issue public now because after a year looking at this on and off and having independent reports of the issue, I cannot confirm it in any environment except the live hosting platform and neither myself nor active JSST members have identified a code fix for this. I feel that the security risk of this issue at this time is not of such severity that it is a high risk to disclose unfixed.
The text was updated successfully, but these errors were encountered: