Details
-
Sub-task
-
Status: Closed
-
Major
-
Resolution: Fixed
-
Trunk
-
None
-
Bug Crush Event - 21/2/2015
Description
This vulnerability was reported by 牛治 <niu.zhi@zte.com.cn>:
Locations:
- catalog/control/EditProductPromo
- catalog/control/EditProductPromoCode
Description: the Promo Name and Promo Text input boxes on the EditProductPromo page have not a valid verification and result in an XSS attack.
Poc: Encode the characters of "<script>alert('poruin')</script>", and the poc after encoding is as follows "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"
As this vulnerability is a post-auth we did not create a CVE