Skip to content

Latest commit

 

History

History
68 lines (48 loc) · 1.2 KB

CVE-2019-14221.md

File metadata and controls

68 lines (48 loc) · 1.2 KB

Information

Product             : 1CRM On-Premise Software
Vulnerability Name  : Stored Cross-Site Scripting
version             : 8.5.7
Fixed on            : 8.5.10
Test on             : CentOS 7.6.1810 (Core)
Reference           : https://1crm.com
CVE-Number          : CVE-2019-14221

Description

1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation.

PoC

Attacker

  1. Login as any user
  2. Click Email icon
  3. Click Report
  4. Click Create Report

1

  1. Fill Report Name
  2. Assign to Victim (In this example we assigned to admin)

2

  1. Click Column Layout
  2. Click Add empty column

3

  1. Input malicious code (ex. <script>alert(document.cookie);</script>)

4

  1. Click Save

5

Victim

  1. Click email icon
  2. Click Report
  3. Choose report that we recently created

6

  1. Click Run Report

7

  1. Admin cookie will popup

8

PoC Video

https://youtu.be/hfqgPatMLRc

Credit

Kusol Watchara-Apanukorn (SHA999)

References

https://nvd.nist.gov/vuln/detail/CVE-2019-14221