
[A3] - Injection (XSS) - Gossip World

Open soaresraquel opened this issue 1 year ago • 0 comments

This solution refers to which of the apps?

Gossip World

What did you do to mitigate the vulnerability?

The safe filter is used to indicate that a variable contains safe HTML content. In summary, when someone sends a special character in the input field, this is ignored by the framework and the browser. As you can see, this is unsafe, because a user can send a script in the input field, as shown in the narrative attack. Therefore, I removed the safe filter from the input fields, and by default, the escape filter is activated automatically to convert those special characters and mitigate the vulnerability.

Did you test your changes? What commands did you run?

Yes, I reproduced the attack narrative.

soaresraquel · Jan 30 '24 20:01
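The behaviour described in the answer above, shown as an added example that is not part of the issue or of secDevLabs' Gossip World code: Jinja2 (the template engine Flask uses, and Flask enables autoescaping for `.html` templates) escapes template variables by default, and the `safe` filter switches that protection off for one value. The template strings and the sample gossip text below are constructed for the example; the only dependency is the `jinja2` package.

```python
"""Added example (not secDevLabs' own code): how Jinja2's ``safe`` filter
disables the escaping that autoescape would otherwise apply.

Assumes only the ``jinja2`` package. The gossip text is a constructed
sample, not taken from the project.
"""
from jinja2 import Environment

# Constructed user input of the kind a gossip form field could receive.
# It is only ever treated as data here; nothing executes it.
SAMPLE_GOSSIP = '<script>alert("xss")</script>'

# Autoescape must be switched on explicitly: a bare Environment() defaults
# to autoescape=False. Flask turns it on for .html/.htm/.xml/.xhtml templates.
env = Environment(autoescape=True)

# Vulnerable pattern: |safe marks the value as trusted HTML, so the browser
# would parse and run the script tag.
VULNERABLE_TEMPLATE = "<p>{{ gossip|safe }}</p>"

# Fixed pattern (the change described in the issue): no |safe, so the default
# escaping turns <, >, &, " and ' into HTML entities and the script is inert.
FIXED_TEMPLATE = "<p>{{ gossip }}</p>"


def render(template_source: str, gossip: str) -> str:
    """Render a one-variable template with the autoescaping environment."""
    return env.from_string(template_source).render(gossip=gossip)


def render_vulnerable(gossip: str = SAMPLE_GOSSIP) -> str:
    """Output as the app produced it before the fix."""
    return render(VULNERABLE_TEMPLATE, gossip)


def render_fixed(gossip: str = SAMPLE_GOSSIP) -> str:
    """Output after removing |safe."""
    return render(FIXED_TEMPLATE, gossip)


def is_escaped(html: str) -> bool:
    """Quick regression check: no raw <script tag survives in the output."""
    return "<script" not in html.lower()


if __name__ == "__main__":
    print("with |safe   :", render_vulnerable())
    print("without |safe:", render_fixed())
```

The check worth keeping in a test suite is `is_escaped(render_fixed(...))`: it fails the moment someone reintroduces `|safe` (or disables autoescaping globally) on a field that carries user-supplied text. If a field genuinely has to carry HTML, the value should be sanitized before rendering rather than marked `safe` as-is.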