| Title | Authenticated path traversal to Stored XSS and Denial-of-Service |
|---|
| Description | A vulnerability in phpBB allows an admin to add arbitrary JavaScript code via emoji importing, even though this action requires file system access. This issue is chained with an issue in rendering the emoji that does not escape HTML characters, which led to stored XSS.
I am currently requesting full report disclosure, so if a detailed report is needed, I will post the link to the report after disclosure.
Fix commit: https://github.com/phpbb/phpbb/commit/ccf6e6c255d38692d72fcb613b113e6eaa240aac
PoC video: https://shorturl.at/chCQT
New version release announcement: https://phpbb.com/community/viewtopic.php?t=2646991 |
|---|
| Source | ⚠️ https://phpbb.com/community/viewtopic.php?t=2646991 |
|---|
| User | shin24 (UID 55339) |
|---|
| Submission | 2023-10-26 04:37 AM (3 years ago) |
|---|
| Moderation | 2023-11-02 06:58 AM (7 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 244307 [phpBB up to 3.3.10 Smiley Pack acp_icons.php main pak cross site scripting] |
|---|
| Points | 20 |
|---|