An authenticated malicious user can take advantage of a Stored XSS vulnerability in "Note" field in the "Highlight row" feature.
Proof of Concept
Step 1: Go to "/index.php?module=entities/listing_types&entities_id=24", click "Add" and insert payload "<img src=1 onerror='alert(document.cookie)'/>" in "Note" field.
Step 2: Alert XSS Message
Impact
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user.
The text was updated successfully, but these errors were encountered:
anhdq201
changed the title
Stored Cross Site Scripting Vulnerability on "Highlight row" in rukovoditel 3.2.1
Stored Cross Site Scripting Vulnerability on "Highlight row" in "Note" field in rukovoditel 3.2.1
Nov 2, 2022
anhdq201
changed the title
Stored Cross Site Scripting Vulnerability on "Highlight row" in "Note" field in rukovoditel 3.2.1
Stored Cross Site Scripting Vulnerability on "Highlight row" in rukovoditel 3.2.1
Nov 2, 2022
Version: 3.2.1
Description
An authenticated malicious user can take advantage of a Stored XSS vulnerability in "Note" field in the "Highlight row" feature.
Proof of Concept
Step 1: Go to "/index.php?module=entities/listing_types&entities_id=24", click "Add" and insert payload "
<img src=1 onerror='alert(document.cookie)'/>" in "Note" field.Step 2: Alert XSS Message
Impact
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user.
The text was updated successfully, but these errors were encountered: