PT-2020-3995 · Responsive Filemanager · Responsive Filemanager

Hackoclipse · Published 2020-03-30 · Updated 2020-04-01 · CVE-2020-11106

CVSS v2.0: 6.4 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Responsive Filemanager versions through 9.14.0
Description: The issue is related to the lack of sanitization of the $_SESSION['RF']["view_type"] session variable in the dialog.php page. This allows for stored XSS attacks if an attacker opens ajax_calls.php, uses the "view" action, and places a payload in the type parameter, then returns to the dialog.php page. The vulnerability occurs because ajax_calls.php can also set the $_SESSION['RF']["view_type"] variable without sanitizing it.
Recommendations: For Responsive Filemanager versions through 9.14.0, consider disabling the ajax_calls.php page or restricting access to it until a patch is available. As a temporary workaround, avoid using the "view" action in ajax_calls.php and restrict the use of the type parameter to prevent exploitation.
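
One way to close both paths described above, shown as an added example that is not Responsive Filemanager code or part of this advisory: validate the value before it is written to the session, then re-validate and encode it when it is read back for output. The function names, the allowed codes 0 to 2 and the default are assumptions made for illustration.

```php
<?php
// Added illustration; not Responsive Filemanager source code.
// Assumption: the view type is one of a small fixed set of integer codes.
const ALLOWED_VIEW_TYPES = [0, 1, 2];
const DEFAULT_VIEW_TYPE = 0;

/**
 * Write path (hypothetical helper): validate the request value before it
 * is stored in the session.
 */
function normalize_view_type($raw): int
{
    // FILTER_VALIDATE_INT returns false for anything that is not a plain
    // integer, including markup strings, arrays and null.
    $value = filter_var($raw, FILTER_VALIDATE_INT);
    if ($value === false || !in_array($value, ALLOWED_VIEW_TYPES, true)) {
        return DEFAULT_VIEW_TYPE;
    }
    return $value;
}

/**
 * Read path (hypothetical helper): treat the stored value as untrusted,
 * re-validate it, and HTML-encode it for the output context.
 */
function render_view_type(array $session): string
{
    $stored = $session['RF']['view_type'] ?? DEFAULT_VIEW_TYPE;
    $value = normalize_view_type($stored);
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs for the write path.
$session = ['RF' => []];
foreach (['1', '2', '7', '<constructed-markup>', ['x']] as $raw) {
    $session['RF']['view_type'] = normalize_view_type($raw);
    printf("%s -> %s\n", json_encode($raw), render_view_type($session));
}

// Constructed session that already holds an unvalidated value, as can
// happen when the value was stored before validation was introduced.
$legacy = ['RF' => ['view_type' => '<constructed-markup>']];
printf("legacy session -> %s\n", render_view_type($legacy));
```

Re-validating on read matters because a session populated before the write-path check was deployed can still hold an unvalidated value.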

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

BDU:2020-04389
CVE-2020-11106

Affected Products

Responsive Filemanager