CVE-2020-22143
A cross-site scripting (XSS) vulnerability in /page/search/ of Zenphoto 1.5.6 allows attackers to execute arbitrary web scripts or HTML.
- mitre: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22143
- public announcement: https://github.com/zenphoto/zenphoto/issues/1262
Description:
The SEARCH_* parameters are not sanitized when they are displayed in the logout link on the search page while the user is logged in.
Payload:
/page/search/?SEARCH_xxx=xxx"></div><u><svg/onload=alert(1)>xxx
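
The reflection described above, as an added PHP example that is not Zenphoto's code: the function names and the `?logout=1` link layout are assumptions. It builds the logout link once by raw concatenation and once with URL encoding plus attribute escaping, using the payload listed on this page as input.

```php
<?php
// Added illustration, not Zenphoto's code: function names and the
// "?logout=1" link layout are assumptions made for this example.

// Keep only string-valued SEARCH_* parameters from the request.
function search_params(array $query): array {
    $kept = [];
    foreach ($query as $name => $value) {
        if (is_string($value) && strncmp((string)$name, 'SEARCH_', 7) === 0) {
            $kept[(string)$name] = $value;
        }
    }
    return $kept;
}

// Vulnerable pattern: request values are concatenated into the href as-is,
// so a double quote in a value ends the attribute and the rest is parsed as markup.
function logout_link_unsafe(array $query): string {
    $href = '?logout=1';
    foreach (search_params($query) as $name => $value) {
        $href .= '&' . $name . '=' . $value;
    }
    return '<a href="' . $href . '">Logout</a>';
}

// Hardened pattern: percent-encode names and values for the URL, then
// HTML-escape the whole URL for the attribute it is written into.
function logout_link_safe(array $query): string {
    $params = ['logout' => '1'] + search_params($query);
    $href = '?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
    return '<a href="' . htmlspecialchars($href, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">Logout</a>';
}

// Request parameters as PHP would parse the payload shown on this page.
$query = ['SEARCH_xxx' => 'xxx"></div><u><svg/onload=alert(1)>xxx'];

foreach (['unsafe' => 'logout_link_unsafe', 'safe' => 'logout_link_safe'] as $label => $fn) {
    $html = $fn($query);
    // A literal "<svg" in the output means the value left the attribute.
    $contained = strpos($html, '<svg') === false;
    printf("%-6s %s\n       markup injected: %s\n", $label, $html, $contained ? 'no' : 'yes');
}
```

The same two-step rule applies to any URL written into an HTML attribute: encode for the URL first, then escape for the attribute.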
PoC: