Drupal Sanitization XSS Vulnerability

Published: 2021-04-22

0x00 Vulnerability Overview

CVE ID:

Date: 2021-04-22

Type: XSS

Severity: High

Remotely exploitable: Yes

Affected scope:

PoC/EXP: Not available

Exploited in the wild: No

 

0x01 Vulnerability Details


Drupal is an open-source content management framework (CMF) written in PHP. It combines a content management system (CMS) with a PHP development framework, and it has become one of the most widely used CMSs in the world.

On April 21, 2021, Drupal published a security advisory fixing an XSS vulnerability in Drupal. The vulnerability exists because, under certain circumstances, the Drupal Core sanitization API fails to correctly filter cross-site scripting; an attacker could exploit the XSS flaw to inject malicious code, steal user information or perform other actions.

 

Affected versions

Drupal < 9.1.7

Drupal < 9.0.12

Drupal < 8.9.14

Drupal < 7.80

 

0x02 Remediation

The Drupal team has already fixed this vulnerability; updating promptly to one of the following versions is recommended:

Drupal 9.1.7

Drupal 9.0.12

Drupal 8.9.14

Drupal 7.80


Download links:

https://www.drupal.org/project/drupal/releases/9.1.7

https://www.drupal.org/project/drupal/releases/9.0.12

https://www.drupal.org/project/drupal/releases/8.9.14

https://www.drupal.org/project/drupal/releases/7.80
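As an added example (not code from the advisory or from the Drupal project), the script below encodes the fixed releases listed above so that an inventory of Drupal sites can be triaged offline against this advisory. The function names, the treatment of branches the advisory does not list (9.2 and later, Drupal 6) and the sample inventory are assumptions made for this example.

```python
"""Triage Drupal core versions against the fixed releases in SA-CORE-2021-002.

Fixed versions (9.1.7, 9.0.12, 8.9.14, 7.80) are taken from the advisory.
Function names, the handling of branches the advisory does not list, and the
sample inventory are assumptions made for this example.
"""
from __future__ import annotations


def parse_version(version: str) -> tuple[tuple[int, ...], bool]:
    """Split '9.1.7' or '9.1.7-rc1' into (numeric parts, is_prerelease).

    A pre-release suffix (-rc1, -beta2, -dev) is recorded separately so that
    9.1.7-rc1 is not mistaken for the fixed 9.1.7 final release.
    """
    core, _, suffix = version.strip().partition("-")
    parts = tuple(int(p) for p in core.split("."))
    if len(parts) < 2:
        raise ValueError(f"unrecognised Drupal version: {version!r}")
    return parts, bool(suffix)


def is_affected(version: str) -> bool | None:
    """True if the version is below the fixed release of its branch,
    False if it is at or above it, None if the advisory lists no fixed
    release for that branch (e.g. Drupal 6, which is end-of-life)."""
    parts, prerelease = parse_version(version)
    major, minor = parts[0], parts[1]
    if major == 7:
        fixed = (7, 80)
    elif major == 8:
        fixed = (8, 9, 14)      # 8.8.x and older are EOL and below this too
    elif major == 9 and minor == 0:
        fixed = (9, 0, 12)
    elif major == 9 and minor == 1:
        fixed = (9, 1, 7)
    elif major == 9:
        return False            # assumption: 9.2+ was cut after the fix landed
    else:
        return None
    # A pre-release of the fixed number predates the fix, so it still counts.
    return parts < fixed or (prerelease and parts == fixed)


# Constructed sample inventory: "<host> <drupal core version>" per line,
# as one might collect from each site with `drush status`.
SAMPLE_INVENTORY = """\
web-01     9.1.6
web-02     9.1.7
web-03     9.0.12
legacy-01  7.79
legacy-02  8.8.2
archive-01 6.57
"""


def triage(inventory: str) -> dict[str, str]:
    """Map each host in the inventory to AFFECTED / fixed / not covered."""
    labels = {True: "AFFECTED", False: "fixed", None: "not covered"}
    result: dict[str, str] = {}
    for line in inventory.splitlines():
        if not line.strip():
            continue
        host, version = line.split()
        result[host] = labels[is_affected(version)]
    return result


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12s} {status}")
```

The branch-aware comparison matters because a plain "less than 9.1.7" test would flag the fixed 9.0.12 as vulnerable; each supported branch has its own fixed release, as the lists above show.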


Note: Drupal 8 releases before 8.9.x are no longer officially supported. In addition, security researchers have published on GitHub a Drupal 6 core security update for SA-CORE-2021-002 covering the end-of-life Drupal 6.

 

0x03 References

https://www.drupal.org/sa-core-2021-002

https://www.mydropwizard.com/blog/drupal-6-core-security-update-sa-core-2021-002

https://github.com/d6lts/drupal/releases/tag/6.57

 

0x04 Timeline

2021-04-21  Drupal publishes its security advisory

2021-04-22  VSRC publishes its security advisory

 

0x05 Appendix

 

CVSS scoring standard (official site): http://www.first.org/cvss/
