Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Code injection vulnerability in Batflat v1.3.6 Users tab #98

Closed
mari0x00 opened this issue Jan 20, 2021 · 2 comments
Closed

Code injection vulnerability in Batflat v1.3.6 Users tab #98

mari0x00 opened this issue Jan 20, 2021 · 2 comments
Labels
bug Something isn't working

Comments

@mari0x00
Copy link

Users tab attributes aren't sanitized and some of them allow for code injection. This means that an authenticated user with access to Users tab can execute arbitrary code on the web server with application privileges.

Adding user with PHP code in "Displayed name" field:

image

PHP being executed:

image

@theofruitrouge
Copy link

This should be fixed ASAP.

@michu2k michu2k added the bug Something isn't working label Jul 24, 2021
@michu2k
Copy link
Collaborator

michu2k commented Jul 31, 2021

Fixed. The fix will be available in the next update.

@michu2k michu2k closed this as completed Jul 31, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

3 participants