Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stored Cross-Site Scripting (XSS) via Tribe Chat #1476

tcbutler320 opened this issue May 27, 2021 · 1 comment

Stored Cross-Site Scripting (XSS) via Tribe Chat #1476

tcbutler320 opened this issue May 27, 2021 · 1 comment
bug Something isn't working tribe Tribe (multiplayer) issues


Copy link

tcbutler320 commented May 27, 2021

Describe the bug

The MonkeyType Tribe chat at is vulnerable to stored cross-site scripting (xss) through user comments and user name. To inject XSS payloads, malicious users can enter a non-xss string in the chat field and send it to web server, then capture the web socket traffic and modify the input to a XSS payload. Same method can be used to injext XSS through username field.


Did it happen in incognito mode? No 😉

To Reproduce .

I used an onclick event payload to demonstrate capabilities, but of course other payloads can be used

  • Configure BurpSuite to intercept browser traffic
  • Navigate to
  • Click on "create room"
  • Turn on BurpSuite proxy interception
  • Enter a new chat string
  • Intercept the web socket traffic, and change the chat string to an XSS payload, example below.
  • Stop intercepting traffic, browse the chat room. The payload will execute. In this example, the payload will execute onclick



Expected behavior
Tribe chat should implement output encoding to ensure that payloads injected through raw socket intercepts are not interpreted by client browsers.


@tcbutler320 tcbutler320 added the bug Something isn't working label May 27, 2021
@Miodec Miodec added the tribe Tribe (multiplayer) issues label May 27, 2021
Copy link

Miodec commented May 27, 2021


@Miodec Miodec closed this as completed May 27, 2021
@tcbutler320 tcbutler320 mentioned this issue Jun 4, 2021
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
bug Something isn't working tribe Tribe (multiplayer) issues
None yet

No branches or pull requests

2 participants