Stored XSS vulnerability in fog project version 0.27 through 0.32



  • hi,

    I would like to bring to your attention there is a persistent XSS vulnerability in the printer management page

    in general, it is possible to add a crafted printer, and once a user/admin would visit the printer management page I could potentially steal his cookies

    POC can be found here:
    [media=youtube]fGncIGB8F0U[/media]


  • Senior Developer

    This problem is still present, but really only affects FOG setups who allow login across actual internet sources. Typically speaking this vulnerability really only affects malicious insiders trying to bring down an org, and won’t normally pose the problem.

    With that said, I’ve been working towards using mysql prepared statements but this will take quite a bit of work as much of the system was coded with the old procedural style of mysql php functions in mind.



  • Additional Stored XSS were found in other management pages.

    [media=youtube]tFCLDAH35jU[/media]


Log in to reply
 

320
Online

38724
Users

10554
Topics

99908
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.