Product
Graphite
Product Version
Current master branch
Environment
Docker image graphiteapp/graphite-statsd, built from the current master branch.
Vulnerability
Reflected cross-site scripting (XSS)
Severity
Medium
Description
Cross-site scripting is a type of attack on web application clients in which arbitrary code prepared by an attacker is executed in the client's browser. The vulnerability arises when user input is filtered incorrectly.
Impact
As a result of the attack, an attacker can steal a user's session, make requests on behalf of the user, obtain user credentials, etc.
Expected behavior
Sanitize all the parameters passed to the server by the user.
Steps to Reproduce
- Log in to the system
- Go to
http://127.0.0.1/composer/mygraph?action="><script>alert(1)</script>&graphName=test
http://127.0.0.1/composer/mygraph?action=delete&graphName="><script>alert(1)</script>
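
The fix asked for under "Expected behavior", as an added example that is not Graphite's own code: a handler that echoes `action` and `graphName` into its response, next to a hardened form that escapes them on output and replies as plain text. The handler names, the error messages and the `ALLOWED_ACTIONS` allowlist are assumptions made for illustration; only the two URLs come from this report.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Assumption: hypothetical allowlist of operations the handler understands.
ALLOWED_ACTIONS = {"save", "delete"}

def mygraph_unsafe(query):
    """Hypothetical 'before': parameters are echoed into HTML unchanged."""
    action, name = query["action"], query["graphName"]
    if action not in ALLOWED_ACTIONS:
        return "text/html", "Invalid operation '%s'" % action
    return "text/html", "No such graph '%s'" % name

def mygraph_safe(query):
    """Hardened form: escape every echoed value and reply as plain text."""
    action, name = query["action"], query["graphName"]
    if action not in ALLOWED_ACTIONS:
        body = "Invalid operation '%s'" % html.escape(action, quote=True)
    else:
        body = "No such graph '%s'" % html.escape(name, quote=True)
    return "text/plain; charset=utf-8", body

def params(url):
    """Return the first value of each query parameter in a URL."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}

# The two URLs from the steps to reproduce above.
REPRO_URLS = [
    'http://127.0.0.1/composer/mygraph?action="><script>alert(1)</script>&graphName=test',
    'http://127.0.0.1/composer/mygraph?action=delete&graphName="><script>alert(1)</script>',
]

def reflects_markup(handler):
    """True if any response body still contains a raw <script> tag."""
    return any("<script>" in handler(params(u))[1] for u in REPRO_URLS)

if __name__ == "__main__":
    print("unsafe handler reflects markup:", reflects_markup(mygraph_unsafe))
    print("safe handler reflects markup:", reflects_markup(mygraph_safe))
```

`reflects_markup` can be reused as a regression check: run it against the real view's response bodies for both URLs after the fix is applied.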