XSS in phpipamredirect cookie #2338

Closed
D-3lf opened this Issue Nov 29, 2018 · 1 comment


D-3lf commented Nov 29, 2018

Setting the value of `phpipamredirect` to `r5zkh'><script>alert(1)</script>quqtl` results in XSS when the value is copied to a tag here:

```html
<div class="col-xs-12">
<input type="password" id="password" name="ipampassword" class="login form-control input-sm" placeholder="Password" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"></input>
<input type='hidden' name='phpipamredirect' id='phpipamredirect' value='r5zkh'><script>alert(1)</script>quqtl'>
</div>
```

Proof on demo:
image

@GaryAllan GaryAllan closed this in ee5ef63 Nov 30, 2018

GaryAllan commented Nov 30, 2018

Thanks. Please retest.
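
The injection reported in this issue, reproduced next to an attribute-encoded version. This is an added example, not phpipam code and not the change made in ee5ef63; `render_unsafe`, `render_safe` and `inspect` are hypothetical helpers, and the cookie value is the one quoted in the report.

```php
<?php
// Added illustration; not phpipam source. All function names are hypothetical.

// Cookie value taken from the report above.
$cookie = "r5zkh'><script>alert(1)</script>quqtl";

// Pattern described in the report: the cookie value is concatenated
// unencoded into a single-quoted attribute.
function render_unsafe(string $redirect): string {
    return "<input type='hidden' name='phpipamredirect' id='phpipamredirect' value='"
        . $redirect . "'>";
}

// Encoded for an HTML attribute context. ENT_QUOTES matters here because the
// attribute is single-quoted: ENT_COMPAT (the htmlspecialchars default before
// PHP 8.1) leaves ' untouched, so the value could still close the attribute.
function render_safe(string $redirect): string {
    $encoded = htmlspecialchars($redirect, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<input type='hidden' name='phpipamredirect' id='phpipamredirect' value='"
        . $encoded . "'>";
}

// Parse the rendered markup the way a browser would and report how many
// <script> elements exist and what the hidden field's value decodes to.
function inspect(string $html): array {
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);   // tolerate the broken markup
    $doc->loadHTML($html);
    libxml_clear_errors();
    $input = $doc->getElementsByTagName('input')->item(0);
    return [
        'scripts' => $doc->getElementsByTagName('script')->length,
        'value'   => $input ? $input->getAttribute('value') : null,
    ];
}

foreach (['unsafe' => render_unsafe($cookie), 'safe' => render_safe($cookie)] as $name => $html) {
    $result = inspect($html);
    printf("%-6s scripts=%d value=%s\n", $name, $result['scripts'], var_export($result['value'], true));
}
```

In the encoded rendering the parser finds no `<script>` element and the hidden field still decodes to the full original string, so the redirect value survives intact while staying inside the attribute.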
