Bug #16116: Potential XSS in Wake on LAN page and widget - pfSense - pfSense bugtracker

Actions

Copy link

Bug #16116

closed

Potential XSS in Wake on LAN page and widget

Added by Jim Pingle 8 months ago. Updated 5 months ago.

Status:

Resolved

Priority:

Very High

Assignee:

Jim Pingle

Category:

Wake on LAN

Target version:

2.8.0

Start date:

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

25.07

Release Notes:

Default

Affected Version:

Affected Architecture:

Description

The page at services_wol_edit.php does not perform sufficient validation on the interface value submitted by users when creating or editing a WoL entry. This value is sent back to the user without encoding in the WOL list on services_wol.php and on the dashboard widget wake_on_lan.widget.php, which is a potential XSS vector.

Creating a new entry with the following data reproduces the problem condition:

{
    "interface": "wan\"><script>alert('XSS')</script>",
    "mac": "aa:bb:cc:dd:ee:00",
    "descr": "XSS+Test",
    "save": "Save" 
}

Files

poc-xss-wol-16116.py (1.41 KB) poc-xss-wol-16116.py

Jim Pingle, 04/01/2025 07:24 PM

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #16116

Potential XSS in Wake on LAN page and widget

Updated by Jim Pingle 8 months ago

Updated by Jim Pingle 8 months ago

Updated by Jim Pingle 8 months ago

Updated by Jim Pingle 8 months ago

Updated by Georgiy Tyutyunnik 7 months ago

Updated by Jim Pingle 7 months ago

Updated by Jim Pingle 6 months ago

Updated by Jim Pingle 5 months ago