Description: Stored XSS in the following API endpoints:
/dcim/power-ports/add/
/dcim/power-ports/{id}/edit/
/dcim/console-server-ports/add/
/dcim/console-server-ports/{id}/edit/
/dcim/interfaces/add/
/dcim/interfaces/{id}/edit/
/dcim/rear-ports/{id}/edit/
/dcim/rear-ports/add/
/dcim/front-ports/{id}/edit/
/dcim/front-ports/add/
/dcim/power-outlets/{id}/edit/
/dcim/power-outlets/add
/dcim/console-ports/add
/dcim/console-ports/{id}/edit/
/dcim/power-feeds/add
/dcim/power-feeds/{id}/edit/
/circuits/circuits/{id}/edit/
/circuits/circuits/add
of NetBox version 4.0.3 (https://github.com/netbox-community/netbox) allows remote attackers to hijack a user's cookie via the name parameter, except for the endpoints /circuits/circuits/{id}/edit/ and /circuits/circuits/add, where the parameter is the circuit ID.
Proof of Concept:
- Add or edit an object through one of the endpoints listed above, with malicious script tags in the affected parameter.
- Go to Connections > Cables and connect the malicious device components together.
- After connecting successfully, open Connections > Cables again; the XSS vulnerability appears immediately.
Impact:
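A defensive check for the issue described above, added here as an example and not part of the original report or of NetBox's own code: it audits stored component names and circuit IDs for markup and shows the escaped form a cable list should emit. The record layout, the `cid` key, and the function names are assumptions made for this example.

```python
import html
import re

# Field that carries user-supplied text for each object type named in the
# report: "name" for device components, the circuit ID for circuits.
# The key "cid" and the record layout are assumptions for this example.
AUDIT_FIELD = {
    "power-ports": "name", "console-server-ports": "name",
    "interfaces": "name", "rear-ports": "name", "front-ports": "name",
    "power-outlets": "name", "console-ports": "name", "power-feeds": "name",
    "circuits": "cid",
}

# Characters that can open a tag or break out of an attribute when a stored
# value is placed into HTML without escaping.
MARKUP = re.compile(r"[<>\"']")


def audit_records(records):
    """Return (type, id, field, value) for every stored value with markup."""
    findings = []
    for rec in records:
        field = AUDIT_FIELD.get(rec["type"])
        value = str(rec.get(field) or "") if field else ""
        if MARKUP.search(value):
            findings.append((rec["type"], rec["id"], field, value))
    return findings


def render_cable_cell(value):
    """Render a termination label for an HTML table cell, escaped."""
    return "<td>{}</td>".format(html.escape(value, quote=True))


# Constructed sample export, not data from a real NetBox instance.
SAMPLE = [
    {"type": "interfaces", "id": 1, "name": "eth0"},
    {"type": "interfaces", "id": 2, "name": "eth1<script>x</script>"},
    {"type": "circuits", "id": 7, "cid": "CID-<img src=x>"},
    {"type": "power-feeds", "id": 3, "name": "Feed A"},
]

if __name__ == "__main__":
    for finding in audit_records(SAMPLE):
        print("suspicious:", finding)
        print("  safe rendering:", render_cable_cell(finding[3]))
```

Records flagged by the audit are candidates for cleanup before anyone views the cable list on an unpatched instance.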