Opened 6 years ago
Closed 4 years ago
#1080 closed defect (wontfix)
Local Router Identity Accesable via Router Console
| Reported by: | psi | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | apps/console | Version: | 0.9.8.1 |
| Keywords: | websec privacy anonymity | Cc: | killyourtv |
| Parent Tickets: | Sensitive: | no |
Description
accessing the following url can obtain sensitive information
http://127.0.0.1:7657/netdb?r=.
this can be exploited by xss to reveal a user's local identity to a remote attacker
Subtickets
Change History (7)
comment:1 Changed 6 years ago by
comment:2 Changed 6 years ago by
| Component: | unspecified → apps/console |
|---|
if that's the case, the user's IP is visible on several pages… /peers, /confignet, i2ptunnel, …
Is this realistic, given that browsers generally won't fetch from localhost?
If it is realistic, do you have a proposal for fixing it?
comment:3 Changed 6 years ago by
| Cc: | killyourtv added |
|---|
comment:4 follow-up: 5 Changed 6 years ago by
May or may not be related, but findbugs reports 13 possible XSS vulnerabilities in the JSPs, to be reviewed and fixed if real.
Using findbugs 2.0.3-rc1
comment:5 Changed 6 years ago by
Replying to zzz:
Using findbugs 2.0.3-rc1
I didn't know that was out but Jenkins will be using that too.
comment:6 Changed 5 years ago by
| Keywords: | websec privacy anonymity added |
|---|---|
| Milestone: | 0.9.9 |
comment:7 Changed 4 years ago by
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
No reply from OP, no proposal posted.
Replying to psi:
http://127.0.0.1:7657/netdb?r=%2E is the correct url