auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped
Moderate severity
GitHub Reviewed
Published
Sep 10, 2024
in
DamienHarper/auditor-bundle
•
Updated Nov 18, 2024
Description
Published to the GitHub Advisory Database
Sep 10, 2024
Reviewed
Sep 10, 2024
Published by the National Vulnerability Database
Sep 10, 2024
Last updated
Nov 18, 2024
Summary
Unescaped entity property enables Javascript injection.
Details
I think this is possible because %source_label% in twig macro is not escaped. Therefore script tags can be inserted and are executed.
PoC
Impact
persistent XSS. JS can be injected and executed.
References