Fix h1 report 97073
Persistent XSS
--------------

Tengku Zahasman has reported via HackerOne that usernames were not properly
escaped when displayed in the audit trail widget of the dashboard upon login,
allowing persistent XSS attacks. An authenticated user with enough privileges
to create other users could exploit the vulnerability to access the
administrator account.

A CVE-ID has been requested, but not assigned yet.

CWE: CWE-79
CVSSv2: 5.6 (AV:N/AC:H/Au:S/C:C/I:P/A:N)
mbeccati committed Mar 1, 2016
1 parent 4910365 commit 8d8c6df
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/templates/admin/dashboard/audit.html
@@ -30,7 +30,7 @@
<li>
<div class="title">
<a target="_top" href="userlog-audit-detailed.php?auditId={$aValue.auditid}">
{$aValue.desc}
{$aValue.desc|escape}
</a>
</div>
<div>
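Review bot: the `|escape` added to `{$aValue.desc}` covers only the link text, while the `href` on the line above still interpolates `{$aValue.auditid}` raw inside a quoted attribute; either confirm that `auditid` is always an integer when the template is rendered or apply the same `|escape` modifier there so both output contexts are protected. Since the commit message says the root cause is usernames reaching the audit trail unescaped, it is also worth checking the other places this widget and related templates print the same description field, so the fix is not limited to this one occurrence.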
