Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

XSS in admin.php #489

Closed
prodigysml opened this issue Sep 29, 2018 · 7 comments
Closed

XSS in admin.php #489

prodigysml opened this issue Sep 29, 2018 · 7 comments

Comments

@prodigysml
Copy link

The Issue

Reflected Cross-Site Scripting (XSS) may allow an attacker to execute JavaScript code in the context of the victim’s browser. This may lead to unauthorised actions being performed, unauthorised access to data, stealing of session information, denial of service, etc. An attacker needs to coerce a user into visiting a link with the XSS payload to be properly exploited against a victim.

Where the Issue Occurred

The code below displays the user-controlled variable without sufficient sanitisation:

<input class="mw-ui-field mw-ui-field-big silver-field" autofocus="" tabindex="1" required name="username" type="text" placeholder="<?php _e("Username or Email"); ?>" <?php if (isset($_REQUEST['username']) != false): ?> value="<?php print $_REQUEST['username'] ?>" <?php endif;

@fgeek
Copy link

fgeek commented Dec 21, 2018

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000826 has been assigned for this vulnerability.

peter-mw added a commit that referenced this issue Dec 27, 2018
@peter-mw
Copy link
Member

hi, thanks for report. the issue is fixed now

@prodigysml
Copy link
Author

Nice job on the patch!

@fgeek
Copy link

fgeek commented Jan 5, 2019

@peter-mw In what release will this fix be included?

@fgeek
Copy link

fgeek commented Mar 23, 2019

@peter-mw ping?

@peter-mw
Copy link
Member

hi, this is fixed as of version 1.1.2

will tag the missing releases soon

@fgeek
Copy link

fgeek commented Mar 23, 2019

Thanks a lot! 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants