Submission #401896: gouniverse cms 1.4.0 Incomplete Denylist to Cross-Site Scripting

Info

Title: gouniverse cms 1.4.0 Incomplete Denylist to Cross-Site Scripting
Description:

Cause of vulnerability: A potential cross-site scripting (XSS) vulnerability exists on line 19 of the FrontendHandler.go file. It is caused by a user-supplied value being inserted directly into the generated HTML page without any processing or escaping. Specifically, the PageRenderHtmlByAlias function takes an alias parameter and concatenates it directly into the returned HTML string. If an attacker can control this alias parameter and inject a malicious script, that script will be executed in the user's browser, resulting in a cross-site scripting attack. This is dangerous because it allows an attacker to execute arbitrary script in the victim's browser or steal user information.

FrontendHandler.go, lines 33-52:

    func (cms *Cms) FrontendHandlerRenderAsString(w http.ResponseWriter, r *http.Request) string {
        uri := r.RequestURI

        if strings.HasSuffix(uri, ".ico") {
            return ""
        }

        languageAny := r.Context().Value(LanguageKey{})
        language := utils.ToString(languageAny)

        if cms.translationsEnabled {
            isValidLanguage := lo.Contains(lo.Keys(cms.translationLanguages), language)
            if !isValidLanguage {
                language = cms.translationLanguageDefault
            }
        }

        return cms.PageRenderHtmlByAlias(r, r.URL.Path, language)
    }

PageBuildHtml.go, lines 10-22:

    // PageRenderHtmlByAlias builds the HTML of a page based on its alias
    func (cms *Cms) PageRenderHtmlByAlias(r *http.Request, alias string, language string) string {
        page, err := cms.PageFindByAlias(alias)

        if err != nil {
            cms.LogStore.ErrorWithContext("At pageBuldHTMLByAlias", err.Error())
            return "Page with alias '" + alias + "' not found"
        }

        if page == nil {
            return "Page with alias '" + alias + "' not found"
        }

        pageAttrs, err := page.GetAttributes()

        if err != nil {
            return "Page '" + alias + "' io exception"
        }
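The report describes a reflected XSS: the alias comes from r.URL.Path, and the "not found" message echoes it back unescaped. The following is an added, self-contained example written for this page; it is not code from gouniverse/cms. It reconstructs only the string-building pattern quoted above (notFoundBody), places it behind a minimal http.Handler that, as an assumption, writes the rendered string with a text/html Content-Type, and shows the hardened form (notFoundBodySafe) using html.EscapeString. The attacker URL is constructed for the example and is percent-encoded the way a real link would be, to show that net/http decodes it into r.URL.Path before the handler runs.

```go
package main

import (
	"fmt"
	"html"
	"net/http"
	"net/http/httptest"
	"strings"
)

// notFoundBody reproduces the string construction quoted in the report:
// the alias is concatenated into the response body without escaping.
// This is a reconstruction for illustration, not the gouniverse/cms source.
func notFoundBody(alias string) string {
	return "Page with alias '" + alias + "' not found"
}

// notFoundBodySafe is the hardened form: html.EscapeString replaces
// <, >, &, ' and " with entities before the alias lands in HTML text.
func notFoundBodySafe(alias string) string {
	return "Page with alias '" + html.EscapeString(alias) + "' not found"
}

// makeHandler wraps a render function the way FrontendHandlerRenderAsString
// is described: the alias is r.URL.Path and the result is served as HTML.
// The explicit text/html Content-Type is an assumption made for this example.
func makeHandler(render func(string) string) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "text/html; charset=utf-8")
		w.WriteHeader(http.StatusNotFound)
		fmt.Fprint(w, render(r.URL.Path))
	})
}

// serve issues an in-process request for rawPath and returns the body,
// so the effect of (not) escaping can be observed without a live server.
func serve(h http.Handler, rawPath string) string {
	req := httptest.NewRequest(http.MethodGet, rawPath, nil)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Body.String()
}

// attackPath is a constructed attacker link. The payload is percent-encoded
// as it would be in a URL; net/http decodes it into r.URL.Path.
const attackPath = "/%3Cscript%3Ealert(document.cookie)%3C/script%3E"

func main() {
	vuln := serve(makeHandler(notFoundBody), attackPath)
	safe := serve(makeHandler(notFoundBodySafe), attackPath)
	fmt.Println("vulnerable:", vuln)
	fmt.Println("hardened:  ", safe)
	fmt.Println("raw <script> in vulnerable body:", strings.Contains(vuln, "<script>"))
	fmt.Println("raw <script> in hardened body:  ", strings.Contains(safe, "<script>"))
}
```

Two practical caveats follow from the example. First, whether the browser actually executes the payload depends on the response being served as HTML; the handler above sets text/html explicitly, and a reviewer checking the real project should confirm what Content-Type the caller of FrontendHandlerRenderAsString emits. Second, escaping is the minimal fix; not echoing the requested alias in the error message at all (a fixed "Page not found" string, with the alias only in the server-side log) removes the sink entirely and is the form to prefer.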
Source: https://github.com/gouniverse/cms/issues/5
User: zihe (UID 56943)
Submitted: 03/09/2024 17:10 (2 years ago)
Moderated: 07/09/2024 08:44 (4 days later)
Status: accepted
VulDB Entry: 276802 [Gouniverse GoLang CMS 1.4.0 FrontendHandler.go PageRenderHtmlByAlias alias cross site scripting]
Points: 20
