which has now been patched. Alternative approaches for protecting sensitive information include setting the `secure_connection_setting` in your browser to `SOCKS5` or `SOCKS4` to prevent the request from being redirected to another host. Alternative approaches for protecting the `Cookie` header include using the `headers` directive to set your own `Cookie` header, or using the `session_restore_function` directive to set the `session_cookie_back` cookie. We recommend the first approach as it can be configured with a `guzzle_headers` directive, and is more secure. We also recommend the second approach as it is more flexible, and allows you to easily switch between different cookie handlers.
RCE with a known Cross Site Scripting flaw
This is an example where the attack vector for the vulnerability is known to exist, but it is not currently being exploited. The vulnerability was discovered on December 6th, 2014, in the `Sets` application. The vulnerability allows for arbitrary code execution when processing a maliciously crafted `Set` cookie. This can be exploited by simply adding a malicious `Set` cookie in the request headers of an HTTP GET request.
Cross-site scripting (XSS) vulnerabilities are one of the most common web application vulnerabilities that are actively exploited. XSS exploits often result in complete compromise of the vulnerable application because they allow attackers to inject arbitrary HTML and JavaScript into unsuspecting victims' browsers.
Timeline
Published on: 06/10/2022 00:15:00 UTC
Last modified on: 06/17/2022 18:59:00 UTC
References
- https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9
- https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8
- https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx
- https://www.drupal.org/sa-core-2022-011
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31042