
XSS attacks may occur on the UJCMS #3

Closed
zur1ch opened this issue Jan 9, 2023 · 1 comment
Labels
bug Something isn't working

Comments


zur1ch commented Jan 9, 2023

Hello, I found that in ujcms V4.1.3 of your company, when adding an article in the backend with the redirection link option selected, the URL is not verified (with the "open in new window" checkbox left unchecked). The javascript pseudo-protocol can be used to carry out a cross-site scripting attack. When a viewer clicks on the article, the cross-site attack is triggered. Control of the user's browser and sensitive information can be obtained in this way.

Specific steps: when adding a new article, set the redirect URL to javascript:alert(1) and click Save. When the new article is clicked in the frontend, the JS event is triggered.
CVE-1
CVE-2

Suggestion: if a redirect link is to be allowed, verify the redirect URL in the system, for example by limiting it to HTTP or HTTPS.
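The scheme allow-list suggested in the report, as an added example that is not UJCMS code and not part of the original issue. It assumes Node.js with the WHATWG URL global and a hypothetical site origin https://cms.example/; the function names isSafeRedirectUrl, escapeHtml and renderArticleLink are mine. The check is made on the parsed URL rather than on the raw string, so the variants a browser would still execute (mixed case, an embedded tab, leading whitespace) are caught by the same normalisation the browser applies. It also shows why HTML-escaping the href is not a fix on its own: the escaped form of javascript:alert(1) is unchanged, so the article link must be dropped or rewritten when the scheme check fails.

```javascript
// Added example (not UJCMS code): validate a CMS "redirect link" field with a
// scheme allow-list before it is stored or rendered into an <a href>.
// Assumptions: Node.js (WHATWG URL global); the site's own origin is the
// hypothetical https://cms.example/.

const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);
const SITE_ORIGIN = new URL("https://cms.example/").origin; // assumption

/**
 * Returns true only for absolute http/https URLs or, when allowRelative is
 * set, for site-relative paths that stay on SITE_ORIGIN.
 * The check runs on the parsed URL, so it sees the scheme the browser will:
 * "JavaScript:", "java\tscript:" and "  javascript:" all normalise to the
 * protocol "javascript:" and are rejected without any regex on the raw text.
 */
function isSafeRedirectUrl(raw, allowRelative = false) {
  if (typeof raw !== "string" || raw.trim() === "") return false;

  let url;
  try {
    url = new URL(raw); // parses only if a scheme is present (absolute URL)
  } catch {
    if (!allowRelative) return false; // no scheme and relative not permitted
    try {
      url = new URL(raw, SITE_ORIGIN); // resolve the path against our origin
    } catch {
      return false; // unparsable: fail closed
    }
    // "//evil.example/x" and "/\\evil.example/x" look relative but resolve to
    // another host; they must not pass as site-relative.
    if (url.origin !== SITE_ORIGIN) return false;
  }
  return ALLOWED_PROTOCOLS.has(url.protocol);
}

/** Minimal HTML text/attribute escaping. */
function escapeHtml(s) {
  return s
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

/**
 * Renders an article entry for the frontend list. Escaping alone is not a fix:
 * escapeHtml("javascript:alert(1)") is unchanged and still runs on click, so
 * an article whose redirect URL fails the check is rendered without an anchor.
 */
function renderArticleLink(title, redirectUrl) {
  if (!isSafeRedirectUrl(redirectUrl, true)) {
    return escapeHtml(title);
  }
  return `<a href="${escapeHtml(redirectUrl)}">${escapeHtml(title)}</a>`;
}

// Constructed sample inputs, including the payload from the report.
const samples = [
  "javascript:alert(1)",
  "JavaScript:alert(1)",
  "java\tscript:alert(1)",
  "  javascript:alert(1)",
  "data:text/html,<script>alert(1)</script>",
  "//evil.example/x",
  "/news/1",
  "https://example.com/page?id=1",
];
for (const s of samples) {
  console.log(JSON.stringify(s).padEnd(46), isSafeRedirectUrl(s, true));
}
```

The same check belongs at save time in the admin backend (so a bad value is never stored) and again at render time, since content saved by an older version, or imported from elsewhere, bypasses the form.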

ujcms added the bug label Jan 9, 2023
Owner

ujcms commented Jan 10, 2023

Fixed in version 5.5.1

ujcms closed this as completed Jan 10, 2023