New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
VvvebJs 1.7.4 has a reflective XSS vulnerability #342
Comments
givanz
added a commit
that referenced
this issue
Mar 11, 2024
…om/Hebing123 updated Bootstrap to 5.3.3
Thanks for the vulnerability report, I included a fix in the latest commit c0c0545 and made a new release https://github.com/givanz/VvvebJs/releases/tag/1.7.5 |
This means that this issue will be fixed in 1.7.5, thanks to these developers at Vvveb team for their attention! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
VvvebJs 1.7.4 has a reflective cross-site scripting (XSS) vulnerability. An attacker can execute malicious code in the user's browser by inducing the user to click on a link containing malicious code.
Details
The vulnerability exists in the save.php file, which accepts input from the user and outputs it directly to the HTML page or executes it without any form of filtering or escaping.
Here is the code for the vulnerability:
VvvebJs/save.php
Lines 91 to 93 in c6422cf
VvvebJs/save.php
Line 159 in c6422cf
The $_GET['action'] accepts user input without any filtration or escaping, and it's directly assigned to the $action variable. In subsequent handling, the $action variable is processed without any effective security measures, and it's directly inserted into the front-end page during error messages, thus causing an XSS vulnerability.
Proof of Concept (POC)
http(s)://save.php?action=<script>alert(%27test%27)</script>
Impact
As this is a reflective XSS vulnerability, an attacker can construct a URL containing malicious code and lure the victim to access it. Once the victim accesses this malicious link, the harmful code is executed in their browser, potentially utilizing the victim's permissions to perform other possible malicious operations.
It is recommended that developers promptly fix the aforementioned reflective XSS vulnerability.
The text was updated successfully, but these errors were encountered: