
Improve potential XSS attack #57


Description

@istais

It is possible to circumvent the IDS filter using the following vectors:

<p onmouseover=-a() ></p>
<p onmouseover=(a()) ></p>
<p onmouseover=;a() ></p>
<p onmouseover=!a() ></p>

Other types of events can also be used for the attack (e.g. "onClick").

The vulnerability is allowed because the filter requires an alphanumeric character (or the symbols "_" and "$") after an event followed by the "=" symbol in order to flag the input as an attack and increase the impact. Adding a symbol that does not break the JavaScript syntax (such as "-" or the parentheses "()") just after the "=" character permits an adversary to bypass this pattern check. Rules 71, 27, 2 and 65 are related to this insufficient pattern match. It is recommended to extend these regular expressions in order to also include these symbols in the accepted pattern.

This issue is a clone of PHPIDS/PHPIDS#74
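As an added illustration (not the project's own rule text, which is not reproduced on this page), the following Python models the narrow "event=identifier" pattern the report describes beside an extended variant that tolerates JavaScript-neutral prefix symbols; both rule bodies and the sample markup are constructed for this example.

```python
import re

# Constructed stand-in for the narrow pattern described in the report: an
# event handler is flagged only when "=" is directly followed by an
# alphanumeric, "_" or "$" character. Not the real rule 2/27/65/71 text.
NARROW_RULE = re.compile(r'\bon\w+\s*=\s*[\w$]', re.IGNORECASE)

# Constructed extended variant: allow an optional quote and a run of symbols
# that do not break JavaScript syntax ("-", "!", ";", "(", "+", "~", spaces)
# between "=" and the first identifier character.
EXTENDED_RULE = re.compile(r'\bon\w+\s*=\s*["\']?[\s\-!;(+~]*[\w$]', re.IGNORECASE)

# Constructed samples: the vectors quoted in the report (plus an onClick
# variant), the plain form the narrow rule already catches, and benign markup
# that must not be flagged by either rule.
BYPASS_VECTORS = [
    '<p onmouseover=-a() ></p>',
    '<p onmouseover=(a()) ></p>',
    '<p onmouseover=;a() ></p>',
    '<p onmouseover=!a() ></p>',
    '<a onClick=(a()) >x</a>',
]
BASELINE = '<p onmouseover=a() ></p>'
BENIGN = '<p class="onboarding" data-mode="on">text</p>'


def is_flagged(rule, sample):
    """True when the rule treats the sample as an event-handler injection."""
    return rule.search(sample) is not None


def missed_vectors(rule):
    """Return the bypass vectors that the given rule fails to flag."""
    return [v for v in BYPASS_VECTORS if not is_flagged(rule, v)]


if __name__ == "__main__":
    for name, rule in (("narrow", NARROW_RULE), ("extended", EXTENDED_RULE)):
        print(f"{name}: baseline flagged={is_flagged(rule, BASELINE)}, "
              f"benign flagged={is_flagged(rule, BENIGN)}, "
              f"missed={len(missed_vectors(rule))}/{len(BYPASS_VECTORS)}")
```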
