Flatpress- 1.2.1 - Reflected XSS on page parameter #153

For devs and testers: Tests of current development versions, technical details of the code.
laborix
Posts: 97
Joined: Sat Feb 16, 2019 3:51 pm

Flatpress- 1.2.1 - Reflected XSS on page parameter #153

Post by laborix » Wed Nov 30, 2022 4:58 pm

Details here:
https://github.com/flatpressblog/flatpress/issues/153

There is a quick fix for Flatpress 1.2.1 Issue #153 and you only have to change the existing Flatpress code (from 2015!) in only one file.

File: /admin/panels/static/admin.static.write.php
Line: 66 ff

Code:

// Original code in admin.static.write.php (inside a panel class method, hence $this)
if (isset($_GET['page'])) {
  $id = $_GET['page'];
  $arr = static_parse($id);
  // if the entry does not exist,
  // we print the list
  if ($arr) {
    $this->_makePreview($arr, $id);
  }
}
Replace these lines with the following lines:

Code:

// Quick fix: when no static page matches the requested id, discard the
// request value and redirect to the page list instead of rendering it
if (isset($_GET['page'])) {
  $id = $_GET['page'];
  $arr = static_parse($id);
  // if the entry does not exist,
  // we print the list
  if ($arr) {
    $this->_makePreview($arr, $id);
  } else {
    $id = '';
    $arr = array();
    $_GET['page'] = '';
    utils_redirect('admin.php?p=static');
  }
}
regards
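To make the defensive point of the quick fix concrete, here is an added stand-alone example that is not FlatPress code and not from the post above: a hypothetical lookup stands in for static_parse(), the attribute rendering is an assumption about how the id reaches the HTML, and the hardened version both allow-lists the id and escapes it before output.

```php
<?php
// Added example (not FlatPress code). Demonstrates why a user-supplied
// page id must never reach HTML unvalidated and unescaped.

// Hypothetical stand-in for static_parse(): returns page data or false.
function lookup_static(string $id): array|false {
    $pages = ['about' => ['title' => 'About'], 'contact' => ['title' => 'Contact']];
    return $pages[$id] ?? false;
}

// Vulnerable pattern: the raw id is reflected even when no page exists.
function render_vulnerable(array $get): string {
    $id = $get['page'] ?? '';
    $arr = lookup_static($id);
    $heading = $arr ? $arr['title'] : 'New page';
    return "<h2>$heading</h2>\n<input name=\"page\" value=\"$id\">";
}

// Hardened pattern: unknown or malformed ids are redirected away (as in the
// quick fix) and anything rendered is passed through htmlspecialchars().
function render_hardened(array $get): string {
    $id = $get['page'] ?? '';
    // Allow-list the id format before it is used anywhere.
    if ($id !== '' && !preg_match('/^[A-Za-z0-9_-]{1,64}$/', $id)) {
        return 'redirect: admin.php?p=static';
    }
    $arr = lookup_static($id);
    if ($id !== '' && !$arr) {
        return 'redirect: admin.php?p=static';
    }
    $safeId = htmlspecialchars($id, ENT_QUOTES, 'UTF-8');
    $heading = htmlspecialchars($arr ? $arr['title'] : 'New page', ENT_QUOTES, 'UTF-8');
    return "<h2>$heading</h2>\n<input name=\"page\" value=\"$safeId\">";
}

// Constructed inputs: a valid id and one that would break out of the attribute.
$cases = [['page' => 'about'], ['page' => 'missing"><b>x']];
foreach ($cases as $get) {
    echo "--- vulnerable ---\n", render_vulnerable($get), "\n";
    echo "--- hardened ---\n", render_hardened($get), "\n\n";
}
```

Run with the PHP CLI; the second case shows the vulnerable output closing the value attribute, while the hardened version redirects before anything is rendered.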

fraenkiman
Posts: 93
Joined: Thu Feb 03, 2022 7:25 pm
Location: Berlin, Germany

Re: Flatpress- 1.2.1 - Reflected XSS on page parameter #153

Post by fraenkiman » Wed Nov 30, 2022 9:47 pm

Hello Laborix,

I have tested your quick solution.
Once with fp-1.3dev [master (smarty 2.6.31)] and once with fp-1.3dev [master (smarty 4.2.1)].

So it seems that your solution can be used in the current master branch.

I was too free and left a comment in the issue.

With best regards
Frank
My Flatpress-Blog [German]: https://frank-web.dedyn.io

Arvid
FlatPress Coder
Posts: 473
Joined: Sat Jan 26, 2019 7:40 pm

Re: Flatpress- 1.2.1 - Reflected XSS on page parameter #153

Post by Arvid » Sat Dec 17, 2022 1:35 pm

Awesome, thank you very much for taking the time to inspect this and for providing and testing the fix. I just fixed it in the FlatPress code.

And again, you're both so much of help - thanks!
