[Secure-testing-team] Bug#868988: phamm: CVE-2017-0378 reflected XSS in phamm
John Lightsey
lightsey at debian.org
Thu Jul 20 00:13:02 UTC 2017
Source: phamm
Severity: important
Tags: upstream security
While looking through codesearch.debian.net I noticed that phamm's views/helpers.php uses $_SERVER['PHP_SELF'] in a way that is vulnerable to reflected XSS attacks.
To reproduce the problem, load a URL like this in Firefox:
http://127.0.0.1/phamm/main.php/%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E
The Debian Security team assigned this issue CVE-2017-0378
Upstream bug report is here: https://github.com/lota/phamm/issues/21
-- System Information:
Debian Release: 9.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
More information about the Secure-testing-team
mailing list