Drupal Sanitization API XSS Vulnerability (SA-CORE-2021-002)

Published: 2021-04-22

0x00 Vulnerability Overview

CVE ID: 

Date: 2021-04-22

Type: XSS (cross-site scripting)

Severity: High

Remotely exploitable: Yes

Affected versions: see 0x01

PoC/EXP: not public

Exploited in the wild: No

 

0x01 Vulnerability Details


Drupal is an open-source content management framework (CMF) written in PHP. It combines a content management system (CMS) with a PHP development framework, and it has become one of the most widely used CMSs in the world.

On 21 April 2021 Drupal published security advisory SA-CORE-2021-002, fixing a cross-site scripting vulnerability in Drupal core. The flaw is that Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances, so markup that the API is supposed to neutralize can reach a page intact. An attacker who can submit content that passes through the affected API can inject script that runs in other users' browsers, steal user data such as session cookies, or perform actions on their behalf. Because the bug is in core's shared sanitization code rather than in one module, any core or contributed code that relies on that API to clean untrusted markup is exposed, and the fix is to update core rather than to patch individual modules.

 

Affected versions

Drupal < 9.1.7

Drupal < 9.0.12

Drupal < 8.9.14

Drupal < 7.80
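A practical first step is to confirm which release each site runs and whether it falls inside the affected ranges above. The script below is an added example for this page, not code from Drupal or from the advisory. It reads the version string that core records in its own source (Drupal 8/9 in core/lib/Drupal.php, Drupal 7 in includes/bootstrap.inc) and compares it against the fixed releases, treating pre-release checkouts such as 9.1.7-dev as unpatched and 8.x branches before 8.9 as end-of-life. The sample file content embedded at the bottom is constructed for demonstration; the 6.57 entry is the community Drupal 6 LTS release named in the advisory's references.

```python
import re
import sys
from typing import Optional, Tuple

# Fixed releases listed in SA-CORE-2021-002, keyed by release branch.
# 6.57 is the community Drupal 6 LTS release referenced by the advisory.
FIXED = {
    (9, 1): (9, 1, 7),
    (9, 0): (9, 0, 12),
    (8, 9): (8, 9, 14),
    (7,): (7, 80),
    (6,): (6, 57),
}

# Where core records its own version string:
#   Drupal 8/9: core/lib/Drupal.php    ->  const VERSION = '9.1.6';
#   Drupal 7:   includes/bootstrap.inc ->  define('VERSION', '7.79');
VERSION_PATTERNS = (
    re.compile(r"const\s+VERSION\s*=\s*'([^']+)'"),
    re.compile(r"define\(\s*'VERSION'\s*,\s*'([^']+)'\s*\)"),
)


def extract_version(source: str) -> Optional[str]:
    """Return the version string found in a core source file, or None."""
    for pattern in VERSION_PATTERNS:
        match = pattern.search(source)
        if match:
            return match.group(1)
    return None


def parse_version(version: str) -> Tuple[Tuple[int, ...], bool]:
    """Split '9.1.7-rc1' into ((9, 1, 7), True); the flag marks a pre-release."""
    number, _, suffix = version.partition("-")
    return tuple(int(part) for part in number.split(".")), bool(suffix)


def branch_of(parts: Tuple[int, ...]) -> Tuple[int, ...]:
    """Drupal 6 and 7 are one branch each; 8.x and 9.x branch on major.minor."""
    return (parts[0],) if parts[0] in (6, 7) else parts[:2]


def assess(version: str) -> str:
    """Classify a core version against the fixed releases of SA-CORE-2021-002."""
    parts, prerelease = parse_version(version)
    fixed = FIXED.get(branch_of(parts))
    if fixed is None:
        if parts[0] == 8:
            # 8.0 through 8.8 were end-of-life before the advisory and got no fix.
            return "affected (end-of-life 8.x branch; move to 8.9.14 or later)"
        if parts[0] >= 9 and parts[:2] > (9, 1):
            return "not affected (branch created after the fix)"
        return "unknown"
    fixed_str = ".".join(map(str, fixed))
    # A pre-release tag of the fixed version (e.g. 9.1.7-dev) may predate the fix,
    # so only a final release at or above the fixed version counts as patched.
    if parts > fixed or (parts == fixed and not prerelease):
        return "fixed"
    return f"affected; upgrade to {fixed_str}"


def check_source(source: str) -> str:
    """One-line report for the contents of a core version file."""
    version = extract_version(source)
    if version is None:
        return "no version string found"
    return f"Drupal {version}: {assess(version)}"


# Constructed sample: the relevant lines of core/lib/Drupal.php on an unpatched 9.1 site.
SAMPLE_DRUPAL_PHP = """<?php
class Drupal {
  const VERSION = '9.1.6';
}
"""

if __name__ == "__main__":
    # Usage: python check_drupal.py /var/www/site/core/lib/Drupal.php
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as handle:
            print(check_source(handle.read()))
    else:
        print(check_source(SAMPLE_DRUPAL_PHP))
```

Point the script at core/lib/Drupal.php (Drupal 8/9) or includes/bootstrap.inc (Drupal 7) on each host; a version string alone does not prove a site is clean, since a backported patch applied without bumping the version would still be reported as affected, so treat the output as a triage list rather than a final verdict.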

 

0x02 Remediation

The Drupal team has released fixes for this vulnerability. Update promptly to the release for your branch:

Drupal 9.1.7

Drupal 9.0.12

Drupal 8.9.14

Drupal 7.80


Download links:

https://www.drupal.org/project/drupal/releases/9.1.7

https://www.drupal.org/project/drupal/releases/9.0.12

https://www.drupal.org/project/drupal/releases/8.9.14

https://www.drupal.org/project/drupal/releases/7.80


Note: Drupal 8 releases before 8.9.x are end-of-life and receive no fix; sites on those branches must move to 8.9.14 or later. Separately, the Drupal 6 Long-Term Support maintainers have published on GitHub a Drupal 6 core security release (6.57) covering SA-CORE-2021-002, even though Drupal 6 itself is no longer supported by drupal.org.

 

0x03 References

https://www.drupal.org/sa-core-2021-002

https://www.mydropwizard.com/blog/drupal-6-core-security-update-sa-core-2021-002

https://github.com/d6lts/drupal/releases/tag/6.57

 

0x04 Timeline

2021-04-21  Drupal publishes security advisory SA-CORE-2021-002

2021-04-22  VSRC publishes this security advisory

 

0x05 Appendix

 

CVSS scoring standard (official site): http://www.first.org/cvss/
