Project

General

Profile

Bug #9554

Stored XSS in ACME Package (version 0.5.7_1) /acme/acme_accountkeys_edit.php

Added by Chi Tran 3 months ago. Updated 10 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
ACME
Target version:
-
Start date:
05/25/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.4-p3
Affected Architecture:
amd64

Description

Stored XSS vulnerability occurs due to input validation errors in "Name" and "Description" fields when adding new account key.

Remediation:
- HTML Escape on those parameters would probably fix the issue.

Proof of Concept:
- See attached picture

Stored XSS.PNG (34.4 KB) Stored XSS.PNG Chi Tran, 05/25/2019 04:05 PM

History

#1 Updated by Jim Pingle 3 months ago

  • Project changed from pfSense to pfSense Packages
  • Category set to ACME
  • Assignee set to Jim Pingle

In the future, do not report security issues via Redmine. See https://www.netgate.com/security/

#2 Updated by Jim Pingle 3 months ago

  • Private changed from No to Yes

#3 Updated by Jim Pingle 3 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

Fixed in ACME 0.5.8

#4 Updated by Jim Pingle 3 months ago

  • Private changed from Yes to No

#5 Updated by Jim Pingle 10 days ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF