RageFrame2 2.6.43 has a reflective XSS vulnerability

### Summary
RageFrame2 2.6.43 has a reflective cross-site scripting (XSS) vulnerability. An attacker can execute malicious code in the admin's browser by inducing the admin to click on a link containing malicious code.

### Details
RageFrame2 2.6.43 does not sufficiently filter the boxid parameter, allowing an attacker to insert arbitrary html code by prematurely ending the script tag with the </script> closing.

### Proof of Concept (POC)
`http://your-ip/backend/file/selector?boxId=1</script><script>alert(%27test%27)</script>&multiple=0&upload_drive=local&upload_type=images`
![image](https://github.com/jianyan74/rageframe2/assets/66168888/735fcb68-3216-4f2e-97f5-7bed7a475986)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

RageFrame2 2.6.43 has a reflective XSS vulnerability #113

Summary

Details

Proof of Concept (POC)

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

RageFrame2 2.6.43 has a reflective XSS vulnerability #113

Description

Summary

Details

Proof of Concept (POC)

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions