You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
VvvebJs 1.7.4 has a reflective cross-site scripting (XSS) vulnerability. An attacker can execute malicious code in the user's browser by inducing the user to click on a link containing malicious code.
Details
The vulnerability exists in the save.php file, which accepts input from the user and outputs it directly to the HTML page or executes it without any form of filtering or escaping.
Here is the code for the vulnerability:
The $_GET['action'] accepts user input without any filtration or escaping, and it's directly assigned to the $action variable. In subsequent handling, the $action variable is processed without any effective security measures, and it's directly inserted into the front-end page during error messages, thus causing an XSS vulnerability.
As this is a reflective XSS vulnerability, an attacker can construct a URL containing malicious code and lure the victim to access it. Once the victim accesses this malicious link, the harmful code is executed in their browser, potentially utilizing the victim's permissions to perform other possible malicious operations.
It is recommended that developers promptly fix the aforementioned reflective XSS vulnerability.
The text was updated successfully, but these errors were encountered:
Summary
VvvebJs 1.7.4 has a reflective cross-site scripting (XSS) vulnerability. An attacker can execute malicious code in the user's browser by inducing the user to click on a link containing malicious code.
Details
The vulnerability exists in the save.php file, which accepts input from the user and outputs it directly to the HTML page or executes it without any form of filtering or escaping.
Here is the code for the vulnerability:
VvvebJs/save.php
Lines 91 to 93 in c6422cf
VvvebJs/save.php
Line 159 in c6422cf
The $_GET['action'] accepts user input without any filtration or escaping, and it's directly assigned to the $action variable. In subsequent handling, the $action variable is processed without any effective security measures, and it's directly inserted into the front-end page during error messages, thus causing an XSS vulnerability.
Proof of Concept (POC)
http(s)://save.php?action=<script>alert(%27test%27)</script>
Impact
As this is a reflective XSS vulnerability, an attacker can construct a URL containing malicious code and lure the victim to access it. Once the victim accesses this malicious link, the harmful code is executed in their browser, potentially utilizing the victim's permissions to perform other possible malicious operations.
It is recommended that developers promptly fix the aforementioned reflective XSS vulnerability.
The text was updated successfully, but these errors were encountered: