Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[CVE-2018-20806] Reflected XSS in Phamm login page #24

Closed
h33raj opened this issue Mar 20, 2018 · 7 comments
Closed

[CVE-2018-20806] Reflected XSS in Phamm login page #24

h33raj opened this issue Mar 20, 2018 · 7 comments

Comments

@h33raj
Copy link

h33raj commented Mar 20, 2018

Reflected Cross Site Scripting
Issue :
Cross-Site Scripting (XSS) attack is a type of injection attack, in which malicious code is injected into trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side code, to a different end user. The end user’s browser has no way to know that the code should not be trusted, and will execute the code. Because the end user thinks the script came from a trusted source, the malicious code can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. This code can even rewrite the content of the HTML page.

Proof Of Concept :
URL : http://localhost/phamm/public/main.php?action=%3C/title%3E%3Cbody%20onload=alert(1)%3E%3C/body%3E

screenshot_20180320_174923

Reason for this issue is $action is not sanitised and is reflected inside the title.

@gianmarcotoso
Copy link
Collaborator

Thank you for opening this issue. We'll look into it, meanwhile if you want to make a PR that would be very welcome :)

@h33raj
Copy link
Author

h33raj commented May 10, 2018

Sure, I can give a pull request for this issue within some days. I would be happy to do that.

Can I get CVE assigned for this issue?

@gianmarcotoso
Copy link
Collaborator

We don't have a process in place to assign CVEs. How should we go about it?

@gianmarcotoso
Copy link
Collaborator

Hello @h33raj, sorry for taking so long but I managed to submit a request for a CVE and I should be able to get back to you soon (I hope).

@gianmarcotoso
Copy link
Collaborator

Here you go, CVE-2018-20806. Let me know if you want to make the PR or if I should patch the vulnerability.

Thank you!

@gianmarcotoso gianmarcotoso changed the title Reflected XSS in Phamm login page [CVE-2018-20806] Reflected XSS in Phamm login page Mar 15, 2019
@h33raj
Copy link
Author

h33raj commented Mar 16, 2019

@gianmarcotoso , Thanks for the CVE. It has been around 1 year, happy to see that. I will give you PR.

@lota
Copy link
Owner

lota commented Jan 2, 2020

thanks for report, but Phamm is no longer supported,
we evaluate pull request only

@lota lota closed this as completed Jan 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants