Description
The current version of Firefly III, version 4.7.17.3, is vulnerable to stored XSS due to a lack of filtration of user-supplied data in the bill name field. A malicious attacker can create a specially crafted request which contains JavaScript code. The malicious JavaScript code will be executed when a user visits the link below.
Steps to reproduce
Add a new bill with the name "<script>alert("XSS in bill rule")</script>".
Visit /rules/create-from-bill/[id of your bill] and see the alert.
POC Image
Extra info
Tested on Mozilla 60.4.0esr (64-bit)
JC5 added the labels bug (Verified and replicated bugs and issues.) and fixed (Bugs that are fixed (in a coming release).) on Aug 2, 2019
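For anyone checking their own templates against this class of bug, here is an added example (not part of the original report and not Firefly III's code) that renders the reported bill name into a hypothetical rule form, once concatenated as-is and once with output encoding, and includes a regression check. The function names and the markup are assumptions, and output encoding at render time is this example's choice of mitigation, not a statement of how the project fixed the issue.

```php
<?php
declare(strict_types=1);

// Constructed sample: the bill name from the report, as it would sit in storage.
$billName = '<script>alert("XSS in bill rule")</script>';

/** Hypothetical vulnerable renderer: the stored name is concatenated into markup as-is. */
function renderRuleFormUnsafe(string $billName): string
{
    return '<input type="text" name="title" value="Rule for bill ' . $billName . '">'
         . '<p>New rule for bill ' . $billName . '</p>';
}

/** Encode a value for HTML text and quoted-attribute contexts. */
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Hardened renderer: same markup, every use of the stored name is encoded. */
function renderRuleFormSafe(string $billName): string
{
    $name = escapeHtml($billName);
    return '<input type="text" name="title" value="Rule for bill ' . $name . '">'
         . '<p>New rule for bill ' . $name . '</p>';
}

/**
 * Regression check: true when a stored value that contains HTML-special
 * characters appears verbatim (unencoded) in the rendered page.
 */
function containsRawMarkup(string $html, string $stored): bool
{
    return $stored !== escapeHtml($stored) && strpos($html, $stored) !== false;
}

foreach (['unsafe' => 'renderRuleFormUnsafe', 'safe' => 'renderRuleFormSafe'] as $label => $render) {
    $html = $render($billName);
    echo $label, ': raw markup present = ',
         var_export(containsRawMarkup($html, $billName), true), PHP_EOL;
    echo $html, PHP_EOL, PHP_EOL;
}
```

The same check can be run as a test against any page that displays a stored bill name, since the bill name is shown in more places than the form where it was entered.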