Bug #8000: XSS on index.php via widget sequence parameters - pfSense - pfSense bugtracker

Actions

Copy link

Bug #8000

closed

XSS on index.php via widget sequence parameters

Added by Jim Pingle over 6 years ago. Updated over 6 years ago.

Status:

Resolved

Priority:

Urgent

Assignee:

Jim Pingle

Category:

Dashboard

Target version:

2.4.2

Start date:

10/24/2017

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.4.x

Affected Architecture:

All

Description

The widget 'sequence' parameter does not perform sanity checking on the widget instance counter, leading to an XSS as it is echoed back to the user directly

To test, edit config, add this to widget sequence tag:

,log:col2:open:next22611;alert(1)//139

Only affects 2.4.x

Actions

Copy link

Updated by Jim Pingle over 6 years ago

Status changed from Confirmed to Feedback
% Done changed from 0 to 100

Applied in changeset 7b973ceb6f72e22ee1b335128fb8d7f655c82879.

Actions

Copy link

Updated by Jim Pingle over 6 years ago

Status changed from Feedback to Resolved

Actions

Copy link

Updated by Jim Pingle over 6 years ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #8000

XSS on index.php via widget sequence parameters

Updated by Jim Pingle over 6 years ago

Updated by Jim Pingle over 6 years ago

Updated by Jim Pingle over 6 years ago