Possible remote file inclusion
mariohammel opened this issue · 0 comments
mariohammel commented
Description
Our hosting provider sends us information about an RFI Exploit [P1419] on our webpage. I found the following snippet in a cached file (Craft Template Caching):
<meta property="og:url" content="https://example.com/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f../etc/passwd" />
<meta name="twitter:url" content="https://example.com/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f../etc/passwd" />
<link rel="canonical" href="https://dextra.ch/../../../../../../../../../../../../etc/passwd">
Is it possible to validate such parameters?
Steps to reproduce
- Open the craft website with the following query param: https://example.com?p=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd
- View the page source.
Additional info
- Craft version: Craft Pro 4.4.12
- SEO version: 4.1.2
- PHP version: 8.1.20
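The reflected value above is double percent-encoded (`..%252f` decodes to `..%2f` and then to `../`), so a single decode-and-check misses it. As an added example, not code from Craft or the SEO plugin, here is one way to validate such a path parameter before it reaches a canonical or og:url tag, plus a scan over cached markup for already-poisoned tags; it is written in Python rather than the plugin's PHP, and the `p` parameter and the sample lines are constructed to mirror the report.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # ..%252f needs two rounds before it reads as ../


def fully_decode(value: str, rounds: int = MAX_DECODE_ROUNDS) -> str:
    """Percent-decode until the value stops changing (bounded to avoid loops)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(value: str) -> bool:
    """True if any path segment is '..' after full decoding (either slash style)."""
    decoded = fully_decode(value).replace("\\", "/")
    return any(segment == ".." for segment in decoded.split("/"))


def safe_canonical_path(raw: Optional[str]) -> str:
    """Return a clean site-relative path for the canonical tag, or '/' as a safe default."""
    if not raw:
        return "/"
    decoded = fully_decode(raw)
    if is_traversal(decoded) or "\x00" in decoded:
        return "/"  # never reflect attacker-controlled traversal; fall back to the root
    return posixpath.normpath("/" + decoded.lstrip("/"))


def find_traversal_lines(lines):
    """Defender check: flag cached template lines whose URLs carry a traversal."""
    return [line for line in lines if is_traversal(line)]


# Constructed sample modelled on the cached markup in the report (not real data).
SAMPLE_CACHE = [
    '<meta property="og:url" content="https://example.com/..%252f..%252f../etc/passwd" />',
    '<link rel="canonical" href="https://example.com/../../../../etc/passwd">',
    '<link rel="canonical" href="https://example.com/blog/my-post">',
]

if __name__ == "__main__":
    for hit in find_traversal_lines(SAMPLE_CACHE):
        print("poisoned:", hit)
    print(safe_canonical_path("..%252f..%252f../etc/passwd"))  # prints "/"
```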