New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CVE-2018-20806] Reflected XSS in Phamm login page #24
Comments
|
Thank you for opening this issue. We'll look into it, meanwhile if you want to make a PR that would be very welcome :) |
|
Sure, I can give a pull request for this issue within some days. I would be happy to do that. Can I get CVE assigned for this issue? |
|
We don't have a process in place to assign CVEs. How should we go about it? |
|
Hello @h33raj, sorry for taking so long but I managed to submit a request for a CVE and I should be able to get back to you soon (I hope). |
|
Here you go, CVE-2018-20806. Let me know if you want to make the PR or if I should patch the vulnerability. Thank you! |
|
@gianmarcotoso , Thanks for the CVE. It has been around 1 year, happy to see that. I will give you PR. |
|
thanks for report, but Phamm is no longer supported, |
Reflected Cross Site Scripting
Issue :
Cross-Site Scripting (XSS) attack is a type of injection attack, in which malicious code is injected into trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side code, to a different end user. The end user’s browser has no way to know that the code should not be trusted, and will execute the code. Because the end user thinks the script came from a trusted source, the malicious code can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. This code can even rewrite the content of the HTML page.
Proof Of Concept :
URL : http://localhost/phamm/public/main.php?action=%3C/title%3E%3Cbody%20onload=alert(1)%3E%3C/body%3E
Reason for this issue is $action is not sanitised and is reflected inside the title.
The text was updated successfully, but these errors were encountered: