XSS is found in the "Security -->> Webusers" field in CMS Clipper_1.3.3 version. The Security name value is obtained from the webusers, which has a search parameter for the user list. It is reflected and displayed without any sanitization.
Affected URL: http://127.0.0.1:880/ClipperCMS-clipper_1.3.3/manager/
Steps to POC:
1. Under the Security tab, click on Web users -->> search parameter.
2. In the search parameter, enter the XSS payload:
   '">>"></plaintext></|><plaintext/onmouseover=prompt(1)>
3. Click on the GO button.
4. The script is executed.
For your reference:
Mitigation:
Sanitize HTML Markup with a Library Designed for the Job
Never Insert Untrusted Data Except in Allowed Locations
HTML Escape Before Inserting Untrusted Data into HTML Element Content
Attribute Escape Before Inserting Untrusted Data into HTML Common Attributes
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
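The following is an added example, not ClipperCMS's own code and not part of the original report. It shows the reflection pattern the report describes in a minimal PHP template: the search value written back raw (the defect) next to the same template with the value HTML-escaped at the point of insertion (the mitigation the report recommends). The function names, the template markup and the sample input are assumptions constructed for the illustration.

```php
<?php
// Added example (not ClipperCMS code): a search box that reflects the
// submitted search term, shown unescaped and then escaped.

// Escape untrusted text for HTML element content and quoted attribute
// values. ENT_QUOTES encodes both ' and ", so the result is safe inside
// value="..." as well as between tags.
function escapeForHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Vulnerable: the search term is echoed back without encoding, so any
// quote or tag in it becomes part of the page's markup.
function renderSearchBoxVulnerable(string $search): string
{
    return '<input type="text" name="search" value="' . $search . '">'
         . '<p>Results for: ' . $search . '</p>';
}

// Hardened: the same template, with the untrusted value escaped once at
// the point where it is inserted into HTML.
function renderSearchBoxHardened(string $search): string
{
    $safe = escapeForHtml($search);
    return '<input type="text" name="search" value="' . $safe . '">'
         . '<p>Results for: ' . $safe . '</p>';
}

// Constructed sample input: a quote that would close the value attribute
// followed by a tag, the same shape of problem as the report's payload.
// In the real manager the value would come from the request instead.
$sample = '"><b>x</b>';

echo "Vulnerable output:\n" . renderSearchBoxVulnerable($sample) . "\n\n";
echo "Hardened output:\n" . renderSearchBoxHardened($sample) . "\n\n";

// Check: the template itself contributes exactly three '<' characters
// (<input, <p, </p). Any further '<' in the hardened output would have
// leaked from the untrusted input.
$leaked = substr_count(renderSearchBoxHardened($sample), '<') - 3;
echo $leaked === 0 ? "no markup leaked from input\n" : "markup leaked\n";
```

Run it with `php example.php`. In the vulnerable output the `"` ends the attribute and `<b>x</b>` becomes live markup; in the hardened output they appear as `&quot;&gt;&lt;b&gt;x&lt;/b&gt;` and the browser renders them as literal text. The same escaping step belongs wherever the manager writes the web users search value back into the page.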