Submit #228345: Authenticated path traversal to Stored XSS and Denial-of-Service (Info)

Title: Authenticated path traversal to Stored XSS and Denial-of-Service
Description: A vulnerability in phpBB allows an admin to add arbitrary JavaScript code via emoji importing, even though this action requires file system access. This issue is chained with an issue in rendering the emoji that does not escape HTML characters, which led to stored XSS. I am currently requesting full report disclosure, so if a detailed report is needed, I will post the link to the report after disclosure.
Fix commit: https://github.com/phpbb/phpbb/commit/ccf6e6c255d38692d72fcb613b113e6eaa240aac
PoC video: https://shorturl.at/chCQT
New version release announcement: https://phpbb.com/community/viewtopic.php?t=2646991
Source: ⚠️ https://phpbb.com/community/viewtopic.php?t=2646991
User: shin24 (UID 55339)
Submission: 26/10/2023 04:37 (3 years ago)
Moderation: 02/11/2023 06:58 (7 days later)
Status: Accepted
VulDB Entry: 244307 [phpBB up to 3.3.10 Smiley Pack acp_icons.php main pak cross site scripting]
Points: 20
