Actions
Bug #5201
closedStored XSS on authentication services
Start date:
09/24/2015
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
Description
To reproduce the cross-site scripting:
1. Go to https://localhost:9090/system_authservers.php?act=new
- on field Descriptive name: "></option></select><img src=x onerror=alert(1)>
- fill other required fields
- save
2. Go to https://localhost:9090/diag_authentication.php
Alert appears
Files
Updated by Fernando Munoz almost 10 years ago
Seems like encoding on this bugtracker breaks the payload, I'm attaching an image that shows what to type.
Updated by Jim Pingle almost 10 years ago
- Status changed from New to Feedback
Please re-test on a 2.2.5 snapshot from https://snapshots.pfsense.org/
I believe we have already fixed this after 2.2.4, notably with 64c50ecd239a61b42e9179be486f3792c03cb0b8
Updated by Chris Buechler almost 10 years ago
- Category set to Web Interface
- Status changed from Feedback to Resolved
- Affected Version set to All
confirmed fixed by what JimP linked.
Actions