-
-
Notifications
You must be signed in to change notification settings - Fork 942
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multiples xss in the application request to open a CVE #263
Comments
Hello @3v1lC0d3 |
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. CVSS3:CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:H/MAV:N/MAC:L/MPR:L/MUI:N/MS:U/MC:H/MI:H/MA:H Impact: An attacker could steal the cookie of an admin by injecting JavaScript code due to improper sanitization. Once done, it is possible to modify prices, the existence of products, and more. This could lead to a direct impact on the confidentiality and economy of the business. This can lead to various security issues, including:
During the application's inspection, many XSS vulnerabilities were found. The report of those vulnerabilities is shown below. I started looking for vulnerabilities because, although there is no payment for finding vulnerabilities, I think it is really important to help others enhance their security. An XSS (Cross-Site Scripting) vulnerability was identified in the search_title parameter of the web application. This vulnerability allows an attacker to inject arbitrary JavaScript code, which can be executed in the context of the user's browser. Proof of Concept: `"/<script><script>alert(1)</script>/" Steps to Reproduce:
In the same way a XSS (Cross-Site Scripting) vulnerability was identified in the product name parameter of the web application. Proof of Concept:
Similarly, the same vulnerability was identified in the name of a category parameter of the web application. Proof of Concept:
Steps to Reproduce:
This XSS was different because the javascript code is executed for the customer. Recommendation:
References: |
Hello I've found multiples XSS in the application that allow an attacker to steal the administrator session, in one hand this vulnerability represent a hisg risk to the customers and user due to a malicious user will decrease the price of the item in the other hand could lead a denegation of service.
Please contact me to give you a complete report.
The text was updated successfully, but these errors were encountered: