Actions
Bug #7651
closedfirewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name
Start date:
06/16/2017
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All
Description
Two problems with firewall_nat_edit.php that together can lead to XSS via the interface parameter:
- Lack of input validation allows the 'interface' parameter to be saved with an invalid value (interface that does not exist) through manipulation of the source or via external submission
- When an invalid interface contains code that could trigger an XSS, it would be run by the dst_change invocation on line 1213 (master)
Updated by Jim Pingle over 7 years ago
- Status changed from Confirmed to Feedback
- % Done changed from 0 to 100
Applied in changeset 9c8540ca53f8258a44aaf13100d575b30ae77e65.
Actions