Description
Guardian language-system fails to sanitize the name GET parameter before outputting it into an HTML input value attribute in designer.php (line 57). An authenticated attacker can craft a URL containing script tags that execute in the victim's browser session.
Problem types
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Product status
Any version
Credits
philopentest
References
gist.github.com/...inforepo/d5b2771d82e1b31b8fc1c33052e08dad (Researcher Disclosure)
www.vulncheck.com/...tem-xss-via-designer-php-name-parameter