Skip to content

[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041) #433

New issue
New issue
Closed
Closed
[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041)#433
@seongil-wi

Description

@seongil-wi
seongil-wi
opened on Sep 11, 2021

Hi

I found a known XSS vulnerability in the recent version of jquery-wp-content.
In particular, the bug we report is a known bug by CVE-2019-20041.

wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.

Please check this line:

jquery-wp-content/plugins/vaultpress/class.vaultpress-hotfixes.php

Line 788 in bb05d9c

$string2 = preg_split( '/:|&#0*58;|&#x0*3a;/i', $string, 2 );

Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions