December 26, 2019 07:45AM

We detected XSS vulnerability when we use 301 or 302 redirections.

How to reproduce?

curl -I -k "'""'>><svg/onload=alert\`ayman\`>" > ayman.html

open ayman.html and you will get the popup!

I tried the below redirections and it's valid on all cases:

- return 301$request_uri;

- rewrite ^/(.*)$1 permanent;

Nginx version: 1.14.2

Is there a fix/workaround for this?

Subject Author Posted

301/302 XSS vulnerability

ayman December 26, 2019 07:45AM

Re: 301/302 XSS vulnerability

Maxim Dounin December 27, 2019 07:44AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 86
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready