A reflected cross-site scripting (XSS) vulnerability has been identified in the UEditor 1.4.2. This vulnerability permits an attacker to inject malicious scripts into web pages viewed by users, potentially compromising user data and session integrity.
Details
The vulnerability exists in the /ueditor/php/action_crawler.php file of UEditor 1.4.2, where the source parameter is used to fetch and process image URLs.
The value of source is not appropriately sanitized or encoded, allowing the execution of arbitrary scripts.
Hebing123
commented
2 months ago
Summary
A reflected cross-site scripting (XSS) vulnerability has been identified in the UEditor 1.4.2. This vulnerability permits an attacker to inject malicious scripts into web pages viewed by users, potentially compromising user data and session integrity.
Details
The vulnerability exists in the
/ueditor/php/action_crawler.phpfile of UEditor 1.4.2, where the source parameter is used to fetch and process image URLs. The value of source is not appropriately sanitized or encoded, allowing the execution of arbitrary scripts.POC
http://your-ip/ueditor142/php/controller.php?action=catchimage&source[]=%22%3E%3Csvg%20onload=alert(1)%3E