xss attack filter blacklisting on site call for images

  • cbsmktng
  • Topic Author
  • Offline
  • New Member
  • New Member
9 months 2 weeks ago #9378 by cbsmktng
I have been using this for about a year now, never run into this before. Have built out three new sites this month, and everytime client goes to review the site, they get put on the dynamic blacklist because of the xss filter. Here is the data I'm seeing in the log for the most recent:
Description: Tags stripped from string (possible XSS attack) :[GET:src]   file=images%2Flogo.png&type=webp,100&thumbnail=,
URL: /component/ajax/?p=image&src=file%3Dimages%252Flogo.png%26type%3Dwebp%2C100%26thumbnail%3D%2C&am
Component: com_ajax
Type: XSS (Cross-site scripting) Base64 encoded

Environment is Joomla 4.2.6 with YooTheme template, Akeeba Admin Tools 7.2.0, JCE Editor Pro 2.9.32, and PWT/ACL installed on Apache with php 8.1 and mySQL 8.0.31

Any insight would be appreciated.

Please Log in or Create an account to join the conversation.

9 months 1 week ago #9379 by Jose
Hi cbsmktng,

It seems there is some plugin using an ajax call to load a logo image that is using html tags. Just add it as exception (there is a button to do that in logs).


Please Log in or Create an account to join the conversation.

Time to create page: 0.156 seconds