Bug 1018114 - (CVE-2013-4433) CVE-2013-4433 xhprof: XSS vulnerability in run parameter
CVE-2013-4433 xhprof: XSS vulnerability in run parameter
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 1018115 1018116
  Show dependency treegraph
Reported: 2013-10-11 05:24 EDT by Ratul Gupta
Modified: 2016-03-04 07:12 EST (History)
1 user (show)

See Also:
Fixed In Version: xhprof 0.9.4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ratul Gupta 2013-10-11 05:24:21 EDT
xhprof, a hierarchial profiler for PHP, was found to have a Cross-Site Scripting vulnerability in it's run parameter, because it fails to sufficiently sanitize the user input.

To exploit this vulnerability, an attacker must entice an unsuspecting user to follow a malicious URI, which could compromise the cookie-based authentication information, execute arbitrary client-side scripts in the context of the browser, or obtain sensitive information.

The issue is known to be fixed in Xhprof 0.9.4.


Comment 1 Ratul Gupta 2013-10-11 05:25:44 EDT
Created php-pecl-xhprof tracking bugs for this issue:

Affects: fedora-all [bug 1018115]
Affects: epel-6 [bug 1018116]
Comment 2 Remi Collet 2013-10-11 05:32:31 EDT
Note : in xhprof RPM, the WebUI is protected and only allowed from the server (localhost).
Comment 3 Murray McAllister 2013-10-13 21:04:57 EDT
CVE request: http://www.openwall.com/lists/oss-security/2013/10/14/1
Comment 4 Fedora Update System 2013-10-17 14:06:01 EDT
php-pecl-xhprof-0.9.4-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.