Details
- Bug
- Resolution: Fixed
- Medium
- 5.3
- None
- 6.5
Description
To reproduce:
1. Run the following command, replacing [PAGE_URL] with the URL of a new page and [USERNAME] and [PASSWORD] with your credentials (if anonymous access is not enabled):
curl '[PAGE_URL]' -H 'Referer: https://example.com/x"><iframe/onload=alert(0)>xx' -u '[USERNAME]:[PASSWORD]' -si
2. Repeat step 1 a few times. Five should be more than enough, but more are needed for non-new pages with existing "Hot Referrers".
3. Go to the page information for the target page. An alert should be displayed. (To do this, open the page you targeted in the browser, click Tools, then click Page Information.)
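The reproduction implies that the page information view writes a stored Referer header value into its "Hot Referrers" markup without output encoding. The following is an added example, not code from the affected product: it contrasts that pattern with an encoded rendering, and all function names and the sample log are assumptions constructed for illustration.

```python
import html
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample: Referer values recorded for one page. The first value is
# the one from the reproduction steps, repeated so it ranks as a top referrer.
PAYLOAD = 'https://example.com/x"><iframe/onload=alert(0)>xx'
LOGGED_REFERERS = [PAYLOAD] * 5 + ["https://example.org/wiki/Home"] * 2

def top_referrers(referers, limit=5):
    # Most frequently seen Referer values, most common first.
    return [url for url, _ in Counter(referers).most_common(limit)]

def render_unsafe(referers):
    # Vulnerable pattern: the header value is concatenated into markup as-is,
    # so a double quote in it ends the href attribute.
    return "".join('<li><a href="%s">%s</a></li>' % (u, u) for u in top_referrers(referers))

def is_http_url(value):
    # Only absolute http(s) URLs with a host are allowed to become links.
    try:
        parts = urlsplit(value)
    except ValueError:
        return False
    return parts.scheme in ("http", "https") and bool(parts.netloc)

def render_safe(referers):
    # Hardened pattern: encode for HTML text and attribute context on output,
    # and fall back to plain text when the value is not an http(s) URL.
    items = []
    for u in top_referrers(referers):
        text = html.escape(u, quote=True)
        if is_http_url(u):
            items.append('<li><a href="%s" rel="nofollow noreferrer">%s</a></li>' % (text, text))
        else:
            items.append("<li>%s</li>" % text)
    return "".join(items)
```

Encoding at output time also covers Referer values that were stored before the fix, which input filtering alone would not.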