Description
Multiple XSS Filter Bypasses in validator
Versions of validator prior to 1.1.0 are affected by several cross-site scripting vulnerabilities due to bypasses discovered in the blacklist-based filter.
Proof of Concept
Various inputs that could bypass the filter were discovered:
Improper parsing of nested tags:
Incomplete filtering of javascript: URIs:
UI Redressing:
Bypass via Nested Forbidden Strings:
Additional bypasses were discovered by Krzysztof Kotowicz in 2012 while auditing CodeIgniter's XSS filtering function, on which this code was based.
Recommendation
If you are a developer currently using the xss filter function from the validator package, you should consider replacing it with the escape filter function from the same package. This function replaces all instances of angle brackets (<, >), ampersands, and quotation marks, so no HTML tags will be processed.
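The difference between the two approaches, as an added example that is not code from the validator package or the advisory: naiveBlacklist is a hypothetical single-pass blacklist filter, escapeHtml is a stand-in for the escaping described above, and the sample input is constructed.

```javascript
// Added example: stand-in functions, not the validator package's own code.

// Hypothetical blacklist filter: deletes each forbidden string in one pass.
const FORBIDDEN = ['<script>', '</script>', 'javascript:'];
function naiveBlacklist(input) {
  let out = input;
  for (const bad of FORBIDDEN) {
    // split/join removes every occurrence present before this pass,
    // but never re-checks the string that the removal produces.
    out = out.split(bad).join('');
  }
  return out;
}

// Escaping as the recommendation describes: ampersands, angle brackets and
// quotation marks (single quotes included here) become entities, so the
// browser renders them as text instead of parsing them as markup.
const ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
};
function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Constructed sample: each forbidden string is nested inside itself.
const NESTED_SAMPLE = '<scr<script>ipt>demo</scr</script>ipt>';

// Run both filters and report whether markup survives in the output.
function compare(input) {
  const stripped = naiveBlacklist(input);
  const escaped = escapeHtml(input);
  return {
    stripped,
    escaped,
    strippedHasTag: /<[a-z/]/i.test(stripped),
    escapedHasTag: /[<>]/.test(escaped),
  };
}

console.log(compare(NESTED_SAMPLE));
```

Escaping covers HTML text and quoted attribute values; a user-supplied URL written into an href or src attribute still needs its scheme checked against an allow-list.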
References
- https://nvd.nist.gov/vuln/detail/CVE-2013-7454
- https://github.com/advisories/GHSA-q4qq-fm7q-cwp5
- https://nealpoole.com/blog/2013/07/xss-filter-bypass-in-validator-nodejs-module
- https://www.npmjs.com/advisories/41
- http://blog.kotowicz.net/2012/07/codeigniter-210-xssclean-cross-site.html
- http://www.openwall.com/lists/oss-security/2016/04/20/11
Packages
validator: affected versions < 1.1.0, fixed in 1.1.0
Related vulnerabilities
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.