Closed iznogoud59 closed 3 years ago
Could it be a fake? I cannot reproduce the author's example on either the original FluxBB or FluxBB_by_Visman.
Description: https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-35240.md
Attempt to reproduce: https://fluxbb.org/forums/viewtopic.php?id=9829 (The link is valid only for users, not for guests.)
The result is negative, there is no script, there is just text.
```html
<h3>>'>"><img src=x onmouseover =prompt(document.domain)></h3>
<div class="postmsg">
<p>>'>"><img src=x onmouseover =prompt(document.domain)></p>
</div>
```
P.S. Additional information: In FluxBB, user cookies are not accessible from javascript. The httponly flag is enabled by default. https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies
If the problem actually exists, then a quick fix is Content-Security-Policy https://content-security-policy.com/ https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
Give me some time. Currently I'm out of station, but it's not fake; I will give you the video POC. When I tried, it gave me a pop-up; you can even see my POC screenshot.
Thanks, Hemant Patidar
Thought out loud: Content-Security-Policy won't help much until all inline scripts and styles are moved to files (including scripts from input/button events).
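The point in the comment above, as an added example that is not part of the thread and is not FluxBB code: a small Node.js audit that lists the inline constructs a Content-Security-Policy without `'unsafe-inline'` would block, so they can be moved to files first. The sample markup is constructed, and `auditInline` and `countByDirective` are names made up for this sketch.

```javascript
// Added example, not FluxBB code. Regex-based on purpose (no dependencies):
// adequate for auditing templates, not a full HTML parser.
const CHECKS = [
  // <script> element without a src attribute
  { kind: 'inline-script', directive: 'script-src',
    re: /<script\b(?![^>]*\bsrc\s*=)[^>]*>[\s\S]*?<\/script>/gi },
  // onclick=, onmouseover=, ... inside a real tag (one finding per tag)
  { kind: 'event-handler', directive: 'script-src',
    re: /<[a-z][^>]*?\son[a-z]+\s*=/gi },
  { kind: 'javascript-url', directive: 'script-src',
    re: /<[a-z][^>]*?\s(?:href|src|action)\s*=\s*["']?\s*javascript:/gi },
  { kind: 'style-block', directive: 'style-src', re: /<style\b[^>]*>/gi },
  { kind: 'style-attribute', directive: 'style-src',
    re: /<[a-z][^>]*?\sstyle\s*=/gi },
];

// Returns [{kind, directive, line}] sorted by 1-based line number.
function auditInline(html) {
  const findings = [];
  for (const { kind, directive, re } of CHECKS) {
    for (const m of html.matchAll(re)) {
      const line = html.slice(0, m.index).split('\n').length;
      findings.push({ kind, directive, line });
    }
  }
  return findings.sort((a, b) => a.line - b.line);
}

// Number of findings per CSP directive that would block them.
function countByDirective(findings) {
  const counts = {};
  for (const f of findings) counts[f.directive] = (counts[f.directive] || 0) + 1;
  return counts;
}

// Constructed sample page (not taken from any real template).
const SAMPLE = [
  '<link rel="stylesheet" href="style/main.css">',
  '<style>.box { margin: 0 }</style>',
  '<script src="js/common.js"></script>',
  '<script>document.forms[0].subject.focus();</script>',
  '<input type="submit" value="Submit" onclick="return check(this.form)">',
  '<a href="javascript:history.go(-1)">Go back</a>',
  '<div style="display:none"><input type="hidden" name="sent" value="1"></div>',
  // Escaped user text: rendered as text, so it is not a finding.
  '<p>&gt;\'&gt;"&gt;&lt;img src=x onmouseover =prompt(document.domain)&gt;</p>',
].join('\n');

for (const f of auditInline(SAMPLE))
  console.log(`line ${f.line}: ${f.kind} (blocked by ${f.directive})`);
```

The external stylesheet, the external script and the HTML-escaped text on the last line are not reported; only markup the browser would treat as inline script or style is.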
A month has passed, but there is no confirmation of this vulnerability.
Close, this vulnerability is a fake.
> When I tried, it gave me a pop-up; you can even see my POC screenshot.
There is no screenshot in the description of the vulnerability: https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-35240.md
and https://github.com/hemantsolo/CVE-Reference/issues/1#issue-781799411
Hello,
Do you know about this: https://vuldb.com/?id.167059 ? Is it fixed for us with your version?
Thanks