Cross-site Scripting (XSS) - DOM in forkcms/forkcms

Valid

Reported on

Aug 31st 2021

✍️ Description

The underlying library needs to get the charset in lowercase but fork is passing it in uppercase causing some of the XSS protections to fail

🕵️‍♂️ Proof of Concept

Go to https://demo.fork-cms.com/en/search?form=search&q_widget=%2Fen%2Fsearch%3Fform%3Dsearch%26q_widget%3D%22%3E%3Cinput%252Fonmouseover%253D%22alert%28%27jelmer%27%29%22%26submit%3Dsearch&submit=search and hover over the search box

💥 Impact

An attacker can execute JavaScript code in the website

Occurrences

Kernel.php L83

We have contacted a member of the forkcms team and are waiting to hear back 2 years ago

Jelmer Prins marked this as fixed with commit c21306 2 years ago

Jelmer Prins has been awarded the fix bounty

This vulnerability will not receive a CVE

to join this conversation

We have contacted a member of the forkcms team and are waiting to hear back 2 years ago

Jelmer Prins marked this as fixed with commit c21306 2 years ago

Jelmer Prins has been awarded the fix bounty

This vulnerability will not receive a CVE

to join this conversation