XSS Vulnerability Report
Hi all! My client recently received a report of a potential XSS vulnerability related to the CMS Builder login page. I'm not sure if there's any validity to this or if it's anything to be concerned with, but I thought I'd reach out and get your advice. Here's the vulnerability report:
It looks like they are inserting script tags in the URL. Perhaps there's a way to disallow this via the .htaccess file?
Any input is appreciated. :-)
Thanks in advance,
Thank you for bringing this to our attention!
As a short-term patch, you can update /cmsb/lib/init.php at line 649 from this:
alert(sprintf(t("Updating Program Url to: %s")."<br>\n", $SETTINGS['adminUrl']));
alert(sprintf(t("Updating Program Url to: %s")."<br>\n", htmlencode($SETTINGS['adminUrl'])));
This should - at a minimum - remove the XSS vulnerability reported, though we'll also be doing a review of some underlying factors and will release this and any additional security fixes in the next version of CMSB.
Let me know if you have any further questions!