Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.12.3 available

The official documentation can be found on https://wiki.ocsinventory-ng.org. Read it before asking your question.

Javascript Code Insertion within OCS Reports

Hi,

I'm testing in OCSReports 2.8 and I found one insertion point of javascript code, it leads perform XSS Reflected above the home site and others. The issue it's about:

Using the next URL you can inspect the code through dev tools on your browser and check it. URL: http://10.220.33.62/ocsreports/index.php?xss='</script><script>alert(1)</script>

Below, you can see how reflects the payload send by url.

Evidence1

However, the exploration not is easy, the browser should be with XSS filter setting OFF. I ran it in IE, and this is the result. An attacker would be perform bypass the browser controls to gain more impact for this vulnerability and to access any of the user's data. If the victim user has privileged access within the application, then the attacker might be able to gain full control over all of the application's functionality and data.


regards.
 

Server information

Operating system

  • OS Name :
  • Version :
  • RAM installed :
  • Free RAM :
  • CPU :
  • Distribution :
  • Linux x86_64
  • 4.18.0-193.28.1.el8_2.x86_64
  • 3778 MB
  • 2972 MB
  • Intel(R) Xeon(R) Silver 4114 CPU @ 2.20GHz
  • CentOS Linux 8 (Core)

Software

  • PHP Version :
  • Web Server :
  • Database Server :
  • Version OCSReports:
  • 7.2.34
  • Apache/2.4.37 (centos) mod_perl/2.0.11 Perl/v5.26.3
  • MariaDB Server version 10.3.17-MariaDB
  • 2.8


 

in Core server development by (160 points)

2 Answers

0 votes
Thanks four you report.. i think you should post this on github (it is important)

https://github.com/OCSInventory-NG

The possibility that the developers will read your message is much more likely.

have you tried the same with version 2.8.1?

Kind regards
by (24.5k points)
0 votes
Thank you so much for your recommendation, I already shared it in GitHub: https://github.com/OCSInventory-NG/OCSInventory-ocsreports/issues/1155
by (160 points)
 
Powered by Question2Answer
...