Project

General

Profile

Actions
Copy link

Bug #9554

closed

Stored XSS in ACME Package (version 0.5.7_1) /acme/acme_accountkeys_edit.php

Added by Chi Tran over 2 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Jim Pingle
Category:
ACME
Target version:
-
Start date:
05/25/2019
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
2.4.4-p3
Affected Plus Version:
Affected Architecture:
amd64

Description

Stored XSS vulnerability occurs due to input validation errors in "Name" and "Description" fields when adding new account key.

Remediation:
- HTML Escape on those parameters would probably fix the issue.

Proof of Concept:
- See attached picture

Files

Stored XSS.PNG (34.4 KB) Stored XSS.PNG Chi Tran, 05/25/2019 04:05 PM
Actions
Copy link
 #1

Updated by Jim Pingle over 2 years ago

  • Project changed from pfSense to pfSense Packages
  • Category set to ACME
  • Assignee set to Jim Pingle

In the future, do not report security issues via Redmine. See https://www.netgate.com/security/

Actions
Copy link
 #2

Updated by Jim Pingle over 2 years ago

  • Private changed from No to Yes
Actions
Copy link
 #3

Updated by Jim Pingle over 2 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

Fixed in ACME 0.5.8

Actions
Copy link
 #4

Updated by Jim Pingle over 2 years ago

  • Private changed from Yes to No
Actions
Copy link
 #5

Updated by Jim Pingle over 2 years ago

  • Status changed from Feedback to Resolved
Actions
Copy link

Also available in: Atom PDF