Target : getgrav/grav
https://github.com/getgrav/grav
GitHub - getgrav/grav: Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS powered by PHP, Markdown, Twig
Description
A javascript: URI can be placed in the href attribute of an a tag, resulting in an XSS vulnerability.
PoC
<a href="javascript:alert(document.domain)">CLICK HERE TO EXPLOIT THIS XSS</a>
Related links
https://huntr.dev/bounties/67085545-331e-4469-90f3-a1a46a078d39/
Cross-site Scripting (XSS) - Stored vulnerability found in grav
Reported on Jan 2nd 2022
https://github.com/getgrav/grav/issues/3298
XSS content check for 'invalid_protocols' can trigger false-positives · Issue #3298 · getgrav/grav
If in your content you have a legitimate text that includes a protocol, it gets flagged as false-positive. Example: Pre-publication image data: management and processing This triggers invalid_proto...
https://github.com/getgrav/grav/issues/3175
Ignore dangerous HTML tags in code blocks · Issue #3175 · getgrav/grav
Hello, Noticed I had this warning in Tools > Reports: Security Scan complete: 1 potential XSS issues found... This is a false-positive triggered by <meta> tags being included in code block...
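As an added example (not Grav's code), the following Python check rejects an href only when its decoded, normalised scheme falls outside an allowlist, so it flags the PoC above and its common obfuscations (entities, leading whitespace, embedded tabs) while leaving alone prose such as the "image data:" sentence that triggered the false positive in issue #3298; the allowlist, the helper names and the substring scanner used for comparison are assumptions made for this example.

```python
import html
import re
from html.parser import HTMLParser

# Assumed allowlist for this example; a real CMS would make this configurable.
SAFE_SCHEMES = {"http", "https", "mailto"}

# Leading ASCII whitespace/control bytes that browsers strip before parsing a URL.
_LEADING_JUNK = re.compile(r"^[\x00-\x20]+")

def href_is_safe(href: str) -> bool:
    """Return True if the href is relative or uses an allowlisted scheme."""
    # Decode entities first: a browser treats java&#115;cript: as javascript:.
    value = html.unescape(href)
    value = _LEADING_JUNK.sub("", value)
    # Browsers also ignore tab, LF and CR inside the scheme.
    value = re.sub(r"[\t\n\r]", "", value)
    match = re.match(r"^([a-zA-Z][a-zA-Z0-9+.-]*):", value)
    if match is None:
        return True  # no scheme: relative path, fragment or query string
    return match.group(1).lower() in SAFE_SCHEMES

class _HrefCollector(HTMLParser):
    """Collects href values of <a> tags that fail href_is_safe."""
    def __init__(self):
        super().__init__()
        self.unsafe = []

    def handle_starttag(self, tag, attrs):
        for name, val in attrs:
            if tag == "a" and name == "href" and val is not None and not href_is_safe(val):
                self.unsafe.append(val)

def unsafe_hrefs(fragment: str) -> list:
    """Return the href values in an HTML fragment that fail the allowlist check."""
    collector = _HrefCollector()
    collector.feed(fragment)
    collector.close()
    return collector.unsafe

def substring_scan(text: str, protocols=("javascript:", "data:")) -> list:
    """Naive text scan of the kind that produced the #3298 false positive."""
    return [p for p in protocols if p in text.lower()]
```

Running substring_scan on "Pre-publication image data: management and processing" reports "data:", whereas unsafe_hrefs only inspects attribute values and reports nothing for that sentence.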