Описание
ScnSocialAuth Cross-site Scripting vulnerability in login redirect param
ScnSocialAuth version 1.15.2 has been released and includes a security for this vulnerability. Fix has been applied in https://github.com/SocalNick/ScnSocialAuth/commit/4a00966c41bc37251586d007564c5c891eba3700
Affected versions
All versions below 1.15.2 are affected. dev-master is fixed starting from https://github.com/SocalNick/ScnSocialAuth/commit/4a00966c41bc37251586d007564c5c891eba3700
Exploits
Because of missing escaping of the URL param redirect a XSS attack is possible.
For example: Setting the redirect param to "><a%20href="http://github.com">GitHub.com</a><inpu%20type="hidden"%20" would result in a link added to the login page.
Resolution
If you are using any version of ScnSocialAuth below 1.15.2 please upgrade immediately by running composer update.
Пакеты
socalnick/scn-social-auth
< 1.15.2
1.15.2
6.1 Medium
CVSS3
Дефекты
6.1 Medium
CVSS3