• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
csrf_cookie vulnerable to XSS (reflected)

Running an automated security scanner on my CI application produces the following.

The value of the csrf_cookie cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a38fc">[removed]alert(1)< /script>ede65226261 was submitted in the csrf_cookie cookie. This input was echoed unmodified in the application's response.

It seems that the csrf_cookie that CI automatically adds to the form is vulnerable to XSS. I'm running CI version 2.1.0.


Which scanner are you using?

Using the BURP Suite from Portswigger.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.