XSS Vulnerability Report
3 posts by 2 authors in: Forums > CMS Builder
Last Post: August 12, 2022 (RSS)
Hi all! My client recently received a report of a potential XSS vulnerability related to the CMS Builder login page. I'm not sure if there's any validity to this or if it's anything to be concerned with, but I thought I'd reach out and get your advice. Here's the vulnerability report:
https://www.openbugbounty.org/reports/2613835/
It looks like they are inserting script tags in the URL. Perhaps there's a way to disallow this via the .htaccess file?
Any input is appreciated. :-)
Thanks in advance,
Jeremy
Dwelling Productions
www.dwellingproductions.com
By daniel - August 11, 2022
Hi Jeremy,
Thank you for bringing this to our attention!
As a short-term patch, you can update /cmsb/lib/init.php at line 649 from this:
alert(sprintf(t("Updating Program Url to: %s")."<br>\n", $SETTINGS['adminUrl']));to this:
alert(sprintf(t("Updating Program Url to: %s")."<br>\n", htmlencode($SETTINGS['adminUrl'])));This should - at a minimum - remove the XSS vulnerability reported, though we'll also be doing a review of some underlying factors and will release this and any additional security fixes in the next version of CMSB.
Let me know if you have any further questions!
Thanks again,
Technical Lead
interactivetools.com
Awesome! Thanks so much! That seems to have done the trick. I'll keep an eye out for future updates as well. Really appreciate it! :-)
All the best,
Jeremy
Dwelling Productions
www.dwellingproductions.com