Project

General

Profile

Actions
Copy link

Bug #7876

closed

Potential XSS in status_monitoring.php

Added by Jim Pingle about 7 years ago. Updated about 7 years ago.

Status:
Resolved
Priority:
Urgent
Assignee:
Jim Pingle
Category:
Status_Monitoring
Target version:
pfSense - 2.4.0
Start date:
09/19/2017
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
All
Affected Plus Version:
Affected Architecture:
All

Description

The "view" variable in status_monitoring.php is taken from $_GET and used in a hidden input ("view-title") without encoding, thus user-supplied input from GET is being put directly in the resulting HTML, resulting in an XSS vector.

Actions
Copy link
 #1

Updated by Jim Pingle about 7 years ago

  • Status changed from Confirmed to Feedback

Fixes pushed to the freebsd-ports repo:

FreeBSD-ports/devel f044c1e4e3f647028c57ae1a572dc6377e555ff3
FreeBSD-ports/RELENG_2_4_0 c919d10d1194da689a18905801bfe86ceef82230
FreeBSD-ports/RELENG_2_3 0db1ce65a93b063c268aaed477252197d566da03
FreeBSD-ports/RELENG_2_3_4 c3c919d640ff0a7319b8f080184bb90dabc7807e

Actions
Copy link
 #2

Updated by Jim Pingle about 7 years ago

  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Jim Pingle about 7 years ago

  • Status changed from Feedback to Resolved

Confirmed fixed on the latest snapshot.

Actions
Copy link
 #4

Updated by Jim Pingle about 7 years ago

  • Private changed from Yes to No
Actions
Copy link

Also available in: Atom PDF