Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-G6F5-4W43-2X63
HistoryMay 29, 2024 - 1:04 p.m.

ScnSocialAuth Cross-site Scripting vulnerability in login redirect param

2024-05-2913:04:32
CWE-79
GitHub Advisory Database
github.com
1
scnsocialauth
cross-site scripting
login redirect
vulnerability
update
composer
github

6.2 Medium

AI Score

Confidence

High

JSON

ScnSocialAuth version 1.15.2 has been released and includes a security for this vulnerability. Fix has been applied in https://github.com/SocalNick/ScnSocialAuth/commit/4a00966c41bc37251586d007564c5c891eba3700

Affected versions

All versions below 1.15.2 are affected. dev-master is fixed starting from https://github.com/SocalNick/ScnSocialAuth/commit/4a00966c41bc37251586d007564c5c891eba3700

Exploits

Because of missing escaping of the URL param redirect a XSS attack is possible.
For example: Setting the redirect param to "&gt;&lt;a%20href="http://github.com"&gt;GitHub.com</a>&lt;inpu%20type="hidden"%20" would result in a link added to the login page.

Resolution

If you are using any version of ScnSocialAuth below 1.15.2 please upgrade immediately by running composer update.

Affected configurations

Vulners
Node
socalnickscn-social-authRange<1.15.2
CPENameOperatorVersion
socalnick/scn-social-authlt1.15.2

6.2 Medium

AI Score

Confidence

High

JSON