Action Network - Reflected cross-site scripting (XSS)
Summary
Name | Action Network 1.4. - Reflected cross-site scripting (XSS) |
Code name | skims-48 |
Product | Action Network |
Affected versions | Version 1.4. |
State | Private |
Release date | 2025-01-03 |
Vulnerability
Kind | Reflected cross-site scripting (XSS) |
Rule | Reflected cross-site scripting (XSS) |
Remote | No |
CVSSv4 Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/E:U |
Exploit available | No |
CVE ID(s) | cve-2020-2020 |
Description
Action Network 1.4. was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/actionnetwork.php.
Vulnerability
Skims by Fluid Attacks discovered a Reflected cross-site scripting (XSS) in Action Network 1.4.. The following is the output of the tool:
Skims output
1459 |
1460 | et($_REQUEST['type']) && isset($action_list->action_type_plurals[$_REQUEST['type']]) ? $action_list->action_type_plurals[
1461 | intf(
1462 | : ""actions"", or plural of action type, which will be searched) */
1463 | 'actionnetwork'),
1464 |
1465 |
1466 |
1467 |
1468 | twork-actions-filter"" method=""get"">
> 1469 | en"" name=""page"" value=""<?php echo $_REQUEST['page'] ?>"" />
1470 | box"">
1471 | reen-reader-text"" for=""action-search-input""><?php echo $searchtext; ?>:</label>
1472 | rch"" id=""action-search-input"" name=""search"" value=""<?php echo isset($_REQUEST['search']) ? stripslashes(esc_attr($_REQUES
1473 | mit"" id=""action-search-submit"" class=""button"" value=""<?php echo $searchtext; ?>"">
1474 |
1475 | t->display(); ?>
1476 |
1477 | -options"">
1478 | onnetwork shortcodes for actions synced via the API can take two additional attributes besides the required <strong>id</s
1479 | 'The <strong>size</strong> attribute can be set to <strong>full</strong> or <strong>standard</strong> (standard is the de
^ Col 22
Our security policy
We have reserved the ID cve-2020-2020 to refer to this issue from now on.
System Information
- Version: Action Network
1.4.
Mitigation
There is currently no patch available for this vulnerability.
Credits
The vulnerability was discovered by Andres Roldan from Fluid Attacks' Offensive Team using Skims
Timeline
2025-01-03
Vulnerability discovered.
2025-01-03
Vendor contacted.