Cross-site Scripting (XSS) - Reflected in falconchristmas/fpp

Reported on Jun 2nd 2021

✍️ Description

Reflected XSS in changebranch.php where due to improper implementation of code an attacker is able to inject malicious tags

🕵️‍♂️ Proof of Concept

    $branch = escapeshellcmd($_GET['branch']);
    $command = "sudo /opt/fpp/scripts/git_branch " . $branch . " 2>&1";

    echo "Command: $command\n"; 

payload: <script>alert('XSS')</script>

💥 Impact

This vulnerability is capable of doing XSS

Greg Hormann validated this vulnerability a month ago
x3rz has been awarded the disclosure bounty
The fix bounty is now up for grabs
Greg Hormann confirmed that a fix has been merged on 19c55e a month ago
Greg Hormann has been awarded the fix bounty