YesWiki Reflected Cross-Site Scripting Vulnerability Allowing Session Hijacking

A reflected cross-site scripting vulnerability has been identified in YesWiki versions through 4.5.1. This issue allows an attacker to steal cookies from an authenticated user by having them click on a malicious link, potentially leading to session hijacking. The vulnerability could also be exploited to deface the website or embed malicious content. The issue has been patched in YesWiki version 4.5.4.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, with the potential to steal cookies from authenticated users, leading to session hijacking. Additionally, it could be used to deface the website or embed malicious content.

Reproduction

To reproduce this vulnerability, an authenticated user with admin access can be directed to the endpoint '/?PagePrincipale%2Fdeletepage' with a crafted URL that includes a script payload in the 'incomingurl' parameter. Once the link is clicked, an alert box will appear, demonstrating the successful execution of the injected script.

Remediation

Users can upgrade to YesWiki version 4.5.4 or later to address this vulnerability.