Project

General

Profile

Actions

Bug #15224

closed

``services_acb_settings.php`` does not fully validate value of ``frequency``, uses value without encoding

Added by Jim Pingle 10 months ago. Updated 7 months ago.

Status:
Resolved
Priority:
Very High
Assignee:
Category:
Auto Configuration Backup
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
24.03
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

The value supplied by the user for the frequency parameter on services_acb_settings.php is not fully validated, is stored in config.xml, and is then used in JavaScript without encoding.

This could lead to a potential stored XSS vulnerability where an attacker could make the change and then have another administrator visit the page at a later time.

Due to the location where the variable is used in JavaScript, the contents of the submitted string must break out of its current location using a value such as ")); alert(1);//

The user must be logged in and have sufficient privileges to access services_acb_settings.php and make changes to the configuration.

To me, I already have a fix tested and ready.

Actions

Also available in: Atom PDF