First, log in to the admin backend and go to Settings. (This is a relatively low-value stored XSS vulnerability.)
The Description field there supports HTML syntax, which suggests an XSS vulnerability. Capturing the request shows that the parameter is `bbsmeta`; trace it in the source code.
application/controllers/AdminController.php code
Here the parameter is filtered by addslashes() and htmlspecialchars().
So there is a layer of filtering when the data is inserted into the database. Next, trace where this parameter is output on the page:
application/views/index/index.php code
When the page is output here, the `bbsmeta` parameter is passed through htmlspecialchars_decode().
The stored XSS is caused by the use of the htmlspecialchars_decode() function.
Verify this with a black-box test:
Insert the following test statement in the admin backend and click Update.
payload:
<script>alert(/xss/)</script>
Then visit the front end directly; the XSS executes successfully.
**http://20.20.20.129:8000/zibbs/index.php**
Solution:
Filter or encode special characters such as:
<
"
'
&
%
... ...
and filter keywords such as:
script
javascript
... ...
or filter tag event attributes that can run JavaScript, such as:
onclick
onerror
onload
... ...
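
The encode-on-save, decode-on-output round trip described above, followed by one way to keep limited HTML in the description field. This is an added example, not code from the project or from this report: `sanitize_description`, its tag list and the sample input are assumptions, and it uses an allow-list in place of the keyword filtering suggested above.

```php
<?php
// Constructed input: the report's test string plus markup carrying an event handler.
$submitted = '<p onclick="alert(/xss/)">Welcome</p><script>alert(/xss/)</script>';

// Storage step as reported: the value is entity-encoded before it is saved.
// (addslashes() only adds backslashes for the SQL layer, so it is left out here.)
$stored = htmlspecialchars($submitted, ENT_QUOTES, 'UTF-8');

// Reported output step: decoding gives back the submitted markup unchanged,
// so the encoding applied at storage time protects nothing.
$decoded = htmlspecialchars_decode($stored, ENT_QUOTES);
var_dump($decoded === $submitted);

// Hypothetical helper: keep only allow-listed tags and drop every attribute
// except an http(s) href on <a>.
function sanitize_description(string $html): string
{
    $allowed = ['p', 'br', 'b', 'i', 'em', 'strong', 'ul', 'ol', 'li', 'a'];
    $doc = new DOMDocument();
    $page = '<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">'
          . '</head><body>' . $html . '</body></html>';
    @$doc->loadHTML($page);              // @ silences parser warnings on sloppy markup
    $body = $doc->getElementsByTagName('body')->item(0);
    $xpath = new DOMXPath($doc);
    // Copy to an array first: the live node list changes as nodes are removed.
    foreach (iterator_to_array($xpath->query('.//*', $body), false) as $el) {
        if (!in_array(strtolower($el->nodeName), $allowed, true)) {
            if ($el->parentNode) {
                $el->parentNode->removeChild($el);   // script, iframe, img, ...
            }
            continue;
        }
        foreach (iterator_to_array($el->attributes, false) as $attr) {
            $keep = $el->nodeName === 'a' && $attr->name === 'href'
                 && preg_match('#^https?://#i', $attr->value);
            if (!$keep) {
                $el->removeAttribute($attr->name);   // onclick, onerror, onload, style, ...
            }
        }
    }
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child);  // serialise only what survived
    }
    return $out;
}

// The view would echo this instead of the raw htmlspecialchars_decode() result.
echo sanitize_description($decoded), "\n";
```

If the description does not need HTML at all, the simpler fix is to output the stored, already encoded value without calling htmlspecialchars_decode().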