DOM XSS leads to account takeover in octoprint/octoprint
Apr 19th 2022
Proof of Concept
Send this link to the admin.
When he opens it and tries to log in, the XSS will pop up.
The attacker is able to capture the admin's cookie and can take over his account.
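As an added illustration (not OctoPrint's code and not the reporter's proof of concept), the following JavaScript shows the general DOM-based XSS pattern behind a report like this: a login page that takes a value from the URL and writes it into the page unescaped, next to a hardened version that escapes the value before it reaches an HTML sink and validates the post-login redirect target. The host printer.example, the parameter name redirect and the sample link are constructed for the example.

```javascript
// Added illustration of a DOM XSS sink and its hardened counterpart.
// This is NOT OctoPrint's code; the parameter name "redirect", the host
// printer.example and SAMPLE_LINK are constructed for the example.

// Minimal HTML escaper: neutralises the five characters that can break out of
// text or attribute context. Apply it (or use textContent) before any
// untrusted string reaches innerHTML, .html() or similar sinks.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// Vulnerable sink: markup built by string concatenation from a URL-derived
// value and handed to innerHTML lets attacker-controlled markup run in the
// victim's session.
function renderNoticeUnsafe(redirectTarget) {
  return '<p class="notice">You will be sent to ' + redirectTarget + ' after login.</p>';
}

// Hardened sink: the same message, with the untrusted value escaped.
function renderNoticeSafe(redirectTarget) {
  return '<p class="notice">You will be sent to ' + escapeHtml(redirectTarget) + ' after login.</p>';
}

// Read the (assumed) "redirect" query parameter from a full URL; searchParams
// already percent-decodes the value, which is exactly the form a sink sees.
function getRedirectParam(href) {
  const url = new URL(href);
  return url.searchParams.get("redirect");
}

// Validate a post-login redirect: only same-origin, path-only targets are
// accepted, everything else falls back to "/". This rejects javascript: URLs,
// protocol-relative "//host" forms and redirects to other origins.
function safeRedirect(candidate, origin) {
  if (typeof candidate !== "string" || candidate === "") return "/";
  let resolved;
  try {
    resolved = new URL(candidate, origin);
  } catch (e) {
    return "/";
  }
  if (resolved.origin !== origin) return "/";
  if (!candidate.startsWith("/") || candidate.startsWith("//")) return "/";
  return resolved.pathname + resolved.search + resolved.hash;
}

// Constructed sample: a login link whose redirect parameter carries markup.
const SAMPLE_LINK =
  "http://printer.example/login?redirect=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E";

// Run the sample through both sinks and the redirect validator.
function demo() {
  const origin = "http://printer.example";
  const param = getRedirectParam(SAMPLE_LINK);
  return {
    unsafe: renderNoticeUnsafe(param),   // contains a live <img ... onerror> tag
    safe: renderNoticeSafe(param),       // contains only &lt;img ...&gt; text
    redirect: safeRedirect(param, origin), // "/" because the value is not a path
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

Two defensive points follow from this. Marking the session cookie HttpOnly stops script from reading it, so the "capture the cookie" step alone fails, but it does not prevent takeover: script running in the admin's page can still send authenticated requests, so removing the unescaped sink is the actual fix. And the redirect validation matters independently of XSS, because a login page that forwards to an arbitrary URL after authentication is an open redirect even when nothing is rendered unsafely.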
I have downgraded the severity to high. A scope change is not possible here, and a successful attack requires knowledge about the target system and preparation (you not only need to get network access to a normally LAN-only application, but then also need to figure out who is an admin or has an account there, in order to target them with a prepared link that will then give you access to credentials via the vulnerability), and the complexity therefore cannot be classified as "low" either.
Apart from that, thank you for finding this, because this is definitely a serious issue that needs fixing ASAP.
A fix has been prepared and will be rolled out with 1.8.0, which is planned to be released next week.
No worries, you can take your time @Maintainer