Stored XSS vulnerability in fog project version 0.27 through 0.32



  • hi,

    I would like to bring to your attention there is a persistent XSS vulnerability in the printer management page

    in general, it is possible to add a crafted printer, and once a user/admin would visit the printer management page I could potentially steal his cookies

    POC can be found here:
    [media=youtube]fGncIGB8F0U[/media]


  • Senior Developer

    This problem is still present, but really only affects FOG setups who allow login across actual internet sources. Typically speaking this vulnerability really only affects malicious insiders trying to bring down an org, and won’t normally pose the problem.

    With that said, I’ve been working towards using mysql prepared statements but this will take quite a bit of work as much of the system was coded with the old procedural style of mysql php functions in mind.



  • Additional Stored XSS were found in other management pages.

    [media=youtube]tFCLDAH35jU[/media]


 

534
Online

41.5k
Users

12.0k
Topics

113.5k
Posts