0
Welcome Guest! Login
0 items Join Now

SOLVED: XSS Vulnerability in Gantry WP template?

  • SOLVED: XSS Vulnerability in Gantry WP template?

    Posted 6 years 5 months ago
    • If this isn't a gantry/Helium specific thing please let me know, but here is the issue.

      I've been contacted by one of the many "white hat" hackers out there pointing to an XSS vulnerability on my site. Apparently the debugger is publicly visible and the URLs he has sent me to prove it all display Timber or Gantry errors as shown in this image:

      postimg.org/image/2eluvesfmj/

      His specific message to me was this:
      So there is an open debugger accessible for the whole wide world which is having an XSS issue and leaking your servers and php data:

      xyz.ext/blog/page/8/?a=%22%2F%3E%27%3E%2...enbugbounty%2F%29%3E

      I recommend to disable debug mode asap and if you see any confidential things like passwords or keys leaked to change them immediately.
      I do not have debug turned on in Wordpress (I checked and it is disabled).

      Is this a Gantry issue, a Timber issue, or is it something inside WP in general? I am using Gantry with a RocketTheme template (Helium). Real URL has been sent in the secure tab because if this is indeed a vulnerability that can be exploited I don't want it publisized until it can be fixed...
    • Last Edit: 6 years 5 months ago by Chad Criswell.
    • Matt's Avatar
    • Matt
    • Preeminent Rocketeer
    • Posts: 21506
    • Thanks: 3081
    • messin' with stuff

    Re: XSS Vulnerability in Gantry WP template?

    Posted 6 years 5 months ago
    • We're using Whoops to display errors

      github.com/filp/whoops

      Which is what you sent a screen shot of.... It doesn't provide any compromising information that i'm aware of... you can disable though if you'd like... just make sure Gantry is in Production mode, not Developer mode, it's in the Extras menu
    • Last Edit: 6 years 5 months ago by Matt.
    • SEARCH the forum first! These boards are rich in knowledge and vast in topics. This includes searching just the 'Solved' forums, using Google, and using ChatGPT :woohoo:
  • Re: SOLVED: XSS Vulnerability in Gantry WP template?

    Posted 6 years 5 months ago
    • That does seem to have fixed it. Now when using that URL you get Uncaught exception: Unexpected character "\". and a blank screen. TY!
  • Re: SOLVED: XSS Vulnerability in Gantry WP template?

    Posted 6 years 5 months ago
    • Hi,

      I just tried to replicate the XSS issue with the debug mode enabled on the latest Gantry and couldn't replicate it. Can you please post your FTP details in Secure tab so I could check your website?

      Thanks!
      Jakub
    • Remember to always post a link to the site you're having problem with.

Time to create page: 0.050 seconds