XSS in phpipamredirect cookie #2338

Closed
D-3lf opened this issue Nov 29, 2018 · 1 comment

D-3lf commented Nov 29, 2018

Setting the value of `phpipamredirect` to `r5zkh'><script>alert(1)</script>quqtl` results in XSS when the value is copied to a tag here:


```html
<div class="col-xs-12">
<input type="password" id="password" name="ipampassword" class="login form-control input-sm" placeholder="Password" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"></input>
<input type='hidden' name='phpipamredirect' id='phpipamredirect' value='r5zkh'><script>alert(1)</script>quqtl'> </div>
```

Proof on demo:
image

@GaryAllan
Collaborator

Thanks. Please retest.
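
Added example, not phpIPAM's code and not the change the maintainer made: the reflection reported above, shown as a hypothetical unescaped render of the hidden field next to an attribute-encoded one, with a DOM parse that can serve as a retest check. The function names are assumptions; the cookie value is the one from the report.

```php
<?php
// Added illustration; function names are hypothetical, not phpIPAM source.

// Pattern matching the reported output: the cookie value is concatenated
// into a single-quoted attribute without encoding.
function redirect_field_unsafe(string $cookie): string {
    return "<input type='hidden' name='phpipamredirect' id='phpipamredirect' value='"
         . $cookie . "'>";
}

// Hardened render: encode for the HTML attribute context. ENT_QUOTES matters
// because the attribute is single-quoted; before PHP 8.1 the default flag was
// ENT_COMPAT, which leaves ' unencoded and would not stop this breakout.
function redirect_field_safe(string $cookie): string {
    $encoded = htmlspecialchars($cookie, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<input type='hidden' name='phpipamredirect' id='phpipamredirect' value='"
         . $encoded . "'>";
}

// Retest check: parse the markup and report what the parser actually sees,
// i.e. the value held by the hidden field and how many <script> elements exist.
function inspect_markup(string $html): array {
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);   // tolerate fragment-level parse warnings
    $doc->loadHTML($html);
    libxml_clear_errors();
    $xpath = new DOMXPath($doc);
    $input = $xpath->query("//input[@id='phpipamredirect']")->item(0);
    return [
        'value'           => $input ? $input->getAttribute('value') : null,
        'script_elements' => $xpath->query('//script')->length,
    ];
}

// Cookie value taken from the issue report.
$payload = "r5zkh'><script>alert(1)</script>quqtl";

$renders = [
    'unsafe' => redirect_field_unsafe($payload),
    'safe'   => redirect_field_safe($payload),
];
foreach ($renders as $label => $html) {
    $result = inspect_markup($html);
    // A fixed page keeps the whole payload inside the attribute value
    // and produces zero script elements.
    $fixed = $result['value'] === $payload && $result['script_elements'] === 0;
    printf("%-6s fixed=%s value=%s script_elements=%d\n", $label,
        var_export($fixed, true), var_export($result['value'], true),
        $result['script_elements']);
}
```

The same `inspect_markup()` check can be pointed at the login page's returned HTML when retesting, since it tests the parsed result rather than searching the response for a particular string.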
