Hello!
Checked my forms with the program Acunetix Web Vulnerability Scanner...
A high-severity XSS vulnerability was detected.
The program's message:
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.
Malicious code can be placed in a line that runs on the page.
The code for this line is here: MySite\administrator\components\com_chronoforms5\chronoforms\actions\html\html.php, at line 277:
    $form_action = (strlen($config->get('action_url', '')) > 0)
        ? $config->get('action_url', '')
        : \GCore\Libs\Url::buildQuery($current_url, array(
            'chronoform' => $form->form['Form']['title'],
            'event'      => $config->get('submit_event', 'submit')
        ));
I cannot determine where to put a patch (to filter the data) to prevent the attack.
Help, please!
I've racked my brains over this.
The problem was temporarily solved as follows:
In the file MySite\libraries\cegcore\libs\url.php, at line 126, after:
    public static function buildQuery($path, $params = array()){
I added a new line with the code:
    $path=strip_tags(htmlspecialchars($path));
The result is as follows (from line 126):
    public static function buildQuery($path, $params = array()){
        $path=strip_tags(htmlspecialchars($path));
        if(empty($params)){
            return $path;
        }
        $url_params = array();
        if(strpos($path, '?') !== false){
            $path_pcs = explode('?', $path);
            $path_comps = parse_url($path);
            $query = $path_comps['query'];
            parse_str($query, $fragments);
            $fragments = array_merge($fragments, $params);
            return $path_pcs[0].'?'.http_build_query($fragments);
        }else{
            return $path.'?'.http_build_query($params);
        }
    }
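An added example (not ChronoForms or cegcore code) showing where the encoding for the finding above belongs: the reflected URL is escaped at the point it is written into the action="..." attribute, and the workaround of encoding inside buildQuery() is shown to mangle existing query parameters. buildQuery() is reproduced from the post without the workaround line; htmlAttr() and the sample URL are constructed for this demo.

```php
<?php
// buildQuery() as posted, minus the strip_tags/htmlspecialchars workaround.
function buildQuery($path, $params = array()) {
    if (empty($params)) {
        return $path;
    }
    if (strpos($path, '?') !== false) {
        $path_pcs   = explode('?', $path);
        $path_comps = parse_url($path);
        parse_str($path_comps['query'], $fragments);
        $fragments = array_merge($fragments, $params);
        return $path_pcs[0] . '?' . http_build_query($fragments);
    }
    return $path . '?' . http_build_query($params);
}

// Constructed helper: escape for an HTML attribute context at output time.
// ENT_QUOTES also covers single quotes, which older PHP defaults leave alone.
function htmlAttr($value) {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed "current URL" of the kind a scanner reflects back: the last
// parameter carries a quote and a tag that would close action="..." early.
$current_url = 'index.php?option=com_chronoforms5&view=form&id=1"><b>probe</b>';
$params      = array('chronoform' => 'contact', 'event' => 'submit');

$form_action = buildQuery($current_url, $params);

// Vulnerable pattern: the URL is written into the attribute unescaped.
echo '<form action="' . $form_action . '">' . "\n";

// Fixed pattern: escape where the value meets HTML; the URL itself is unchanged,
// and the browser decodes &quot; / &gt; back when it reads the attribute.
echo '<form action="' . htmlAttr($form_action) . '">' . "\n";

// Why encoding the input inside buildQuery() is the wrong layer: "&" becomes
// "&amp;" before parse_str() splits the query, so the key "view" is lost and
// comes back as "amp;view" (url-encoded to amp%3Bview) in the rebuilt URL.
echo buildQuery(htmlspecialchars($current_url), $params) . "\n";
```

Run it with php on the command line and compare the three printed lines: only the second one is both well-formed HTML and a faithful copy of the original query parameters.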
This topic is locked and no more replies can be posted.