Skip to content
This repository has been archived by the owner on Jan 25, 2022. It is now read-only.

[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041) #589

Open
seongil-wi opened this issue Sep 11, 2021 · 0 comments
Open

[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041) #589

seongil-wi opened this issue Sep 11, 2021 · 0 comments

Comments

@seongil-wi
Copy link

Hi

I found a known XSS vulnerability in the recent version of wplib-box.
In particular, the bug we report is a known bug by CVE-2019-20041.

wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.

Please check this line:

wplib-box/www/wp-includes/kses.php

Line 1325 in bf595c7

$string2 = preg_split( '/:|&#0*58;|&#x0*3a;/i', $string, 2 );

Thanks!
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@seongil-wi