ZendFramework 1.12.2 - Cross-Site Scripting

By kannthu

Medium
Vidoc Module
#zend #zendframework #xss
Description

What is "ZendFramework 1.12.2 - Cross-Site Scripting"?

The "ZendFramework 1.12.2 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in ZendFramework versions up to 1.12.2. This vulnerability allows an attacker to inject malicious code into a web application, potentially compromising user data or executing unauthorized actions. The severity of this vulnerability is classified as medium.

This module was authored by c3l3si4n.

Impact

If exploited, the cross-site scripting vulnerability in ZendFramework 1.12.2 can lead to various security risks, including:

- Execution of arbitrary code on the affected web application
- Theft of sensitive user information
- Manipulation of user sessions
- Defacement of web pages

How does the module work?

The "ZendFramework 1.12.2 - Cross-Site Scripting" module works by sending HTTP requests to specific paths in the target application. It then applies matching conditions to determine if the vulnerability is present. The module checks for the following conditions:

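- The response body contains the string "\"redirection\"]", "\"param\"", or the "<img/src=x oner..." string listed in the module preview
- The response contains the word text/html
- The response status is 200

If all of these conditions are met, the module reports a vulnerability.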

Here is an example of an HTTP request sent by the module:

GET /vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(1)>

Please note that this is a simplified example and the module may perform additional checks and requests based on its configuration.
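
The matching logic described above, applied to constructed responses, as an added example that is not the module's own code. Assumptions: text/html is looked for in the Content-Type header, all three body strings are required by default, the third string is the URL-decoded "param" value from the request shown above, and all function names are hypothetical.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Request target quoted on the page; the probe markup is the value of "param".
REQUEST_TARGET = (
    "/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/"
    "testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(1)>"
)


def probe_markup(target=REQUEST_TARGET):
    """URL-decode 'param': the text an unescaped reflection would contain."""
    return parse_qs(urlsplit(target).query)["param"][0]


def matches(status, content_type, body, require_all=True):
    """Apply the word, text/html and status conditions to one response.

    Assumptions: text/html is looked for in the Content-Type header, and
    require_all=True means every body string must be present.
    """
    words = ['"redirection"]', '"param"', probe_markup()]
    combine = all if require_all else any
    return (
        combine(w in body for w in words)
        and "text/html" in content_type.lower()
        and status == 200
    )


def sample_body(value):
    """Constructed response body (not captured from a real server)."""
    return '["redirection"]=> "3" ["param"]=> "%s"' % value


def demo():
    raw = sample_body(probe_markup())                   # reflected unescaped
    escaped = sample_body(html.escape(probe_markup()))  # reflected HTML-encoded
    return {
        "raw_html": matches(200, "text/html; charset=UTF-8", raw),
        "escaped_html": matches(200, "text/html; charset=UTF-8", escaped),
        "escaped_any": matches(200, "text/html", escaped, require_all=False),
        "raw_plain": matches(200, "text/plain", raw),
        "raw_404": matches(404, "text/html", raw),
    }


if __name__ == "__main__":
    for name, hit in demo().items():
        print(f"{name}: {'match' if hit else 'no match'}")
```

With require_all=False the HTML-encoded response still matches on the parameter names alone, which is why the unescaped markup has to be among the required strings for a match to indicate the vulnerability.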

Module preview

Concurrent Requests (1)

1. HTTP Request template
GET /vendor/diablomedia/.../tests/Zend/Http/Cli...

Matching conditions
- word: "redirection"], "param", <img/src=x oner... and
- word: text/html and
- status: 200

Passive global matcher
No matching conditions.

On match action
Report vulnerability