gunet / openeclass

Open eClass

openeclass – Multiple Cross-Site Scripting (XSS) #11

Closed bestshow closed 7 years ago

bestshow commented 7 years ago

Product: openeclass
Download: https://github.com/gunet/openeclass
Vulnerable Version: Release_3.5.4 and probably prior
Tested Version: Release_3.5.4
Author: ADLab of Venustech

Advisory Details:

Multiple Cross-Site Scripting (XSS) vulnerabilities were discovered in “openeclass Release_3.5.4”, which can be exploited to execute arbitrary code. The vulnerabilities exist due to insufficient filtration of user-supplied data in multiple parameters passed to the “openeclass-master/modules/tc/webconf/webconf.php” URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

The exploitation examples below use the "alert()" JavaScript function to show a pop-up message box:

PoC:

(1) http://localhost/.../openeclass-master/modules/tc/webconf/webconf.php?meeting_id=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22

(2) http://localhost/.../openeclass-master/modules/tc/webconf/webconf.php?user=%22;%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E%3Cscript%3E
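The following is an added example, not part of the report above and not code from openeclass or its fixing commits: it shows context-specific output encoding for the two reported parameters. It assumes, from the shape of the two PoC values, that `meeting_id` was reflected inside an HTML attribute and `user` inside an inline JavaScript string; the function names, markup and the meeting-id pattern are hypothetical.

```php
<?php
// Added illustration, not openeclass code. Function names and markup are hypothetical.
// Assumption: meeting_id was reflected in an HTML attribute, user in an inline JS string.

// Inputs: the two PoC query values from the report above, URL-decoded.
$meetingId = urldecode('%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22');
$user      = urldecode('%22;%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E%3Cscript%3E');

// Context 1: HTML attribute value.
function attr_unsafe(string $v): string {
    return '<input type="hidden" name="meeting_id" value="' . $v . '">';
}
function attr_safe(string $v): string {
    // ENT_QUOTES encodes " and ' so the value cannot close the attribute.
    $enc = htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="hidden" name="meeting_id" value="' . $enc . '">';
}

// Context 2: string literal inside an inline <script> element.
function js_unsafe(string $v): string {
    return '<script>var user = "' . $v . '";</script>';
}
function js_safe(string $v): string {
    // json_encode() emits the quotes itself; the JSON_HEX_* flags turn < > & ' "
    // into \uXXXX escapes, so neither the string nor the element can be closed.
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
           | JSON_THROW_ON_ERROR; // PHP 7.3+
    return '<script>var user = ' . json_encode($v, $flags) . ';</script>';
}

// Defence in depth: reject values outside an allow-list before rendering.
// The pattern is an assumption about what a meeting id looks like.
function valid_meeting_id(string $v): bool {
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $v) === 1;
}

echo attr_unsafe($meetingId), PHP_EOL; // attribute is closed early by the value
echo attr_safe($meetingId), PHP_EOL;   // value stays inside the attribute
echo js_unsafe($user), PHP_EOL;        // string and script element are closed early
echo js_safe($user), PHP_EOL;          // value stays one JS string literal
var_dump(valid_meeting_id($meetingId));

// The encoded outputs contain only the one <script> tag the template itself wrote.
if (stripos(attr_safe($meetingId), '<script') !== false
    || substr_count(js_safe($user), '<script') !== 1) {
    throw new RuntimeException('encoding failed');
}
```

`htmlspecialchars()` alone is not sufficient for the second context, because a value placed inside a JavaScript string needs JavaScript escaping rather than HTML entity encoding.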

jexi commented 7 years ago

Thank you very much! Script has been fixed.

attritionorg commented 7 years ago

Can you link to the fixing commit please?

adia commented 7 years ago

Please see the following commits:

e804fff1084695267cb7d3dfa1597117a3b65d26 (future development branch - 4.0)
18d625f221cf25aabb854fc885ba61fd4057586f (next release branch - 3.6)
55fde0b8146fcdd60cc22a23ed09c54168d2336b (current release branch - 3.5.5)

Thanks again!

attritionorg commented 7 years ago

Great, thank you!