Opened 6 years ago
Closed 4 years ago
#1080 closed defect (wontfix)
Local Router Identity Accesable via Router Console
Reported by: | psi | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | apps/console | Version: | 0.9.8.1 |
Keywords: | websec privacy anonymity | Cc: | killyourtv |
Parent Tickets: | Sensitive: | no |
Description
accessing the following url can obtain sensitive information
http://127.0.0.1:7657/netdb?r=.
this can be exploited by xss to reveal a user's local identity to a remote attacker
Subtickets
Change History (7)
comment:1 Changed 6 years ago by
comment:2 Changed 6 years ago by
Component: | unspecified → apps/console |
---|
if that's the case, the user's IP is visible on several pages… /peers, /confignet, i2ptunnel, …
Is this realistic, given that browsers generally won't fetch from localhost?
If it is realistic, do you have a proposal for fixing it?
comment:3 Changed 6 years ago by
Cc: | killyourtv added |
---|
comment:4 follow-up: 5 Changed 6 years ago by
May or may not be related, but findbugs reports 13 possible XSS vulnerabilities in the JSPs, to be reviewed and fixed if real.
Using findbugs 2.0.3-rc1
comment:5 Changed 6 years ago by
Replying to zzz:
Using findbugs 2.0.3-rc1
I didn't know that was out but Jenkins will be using that too.
comment:6 Changed 5 years ago by
Keywords: | websec privacy anonymity added |
---|---|
Milestone: | 0.9.9 |
comment:7 Changed 4 years ago by
Resolution: | → wontfix |
---|---|
Status: | new → closed |
No reply from OP, no proposal posted.
Replying to psi:
http://127.0.0.1:7657/netdb?r=%2E is the correct url