Cross-site Scripting (XSS) - Stored in jam-py/jam-py (Valid)
Apr 27th 2021
Stored XSS in the comment box on the Suppliers profile. In fact, every input field is affected: no input parameter is sanitized before it is saved to the database.
🕵️‍♂️ Proof of Concept
- git clone https://github.com/jam-py/jam-py
- cd jam-py && python setup.py install
- cd demo
- python server.py
- Open localhost:8080 in a browser and click on the Customer dashboard
- Edit any Customer and add this payload to the Company field (or any other input field)
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. The attacker can carry out any of the actions that are applicable to the impact of reflected XSS vulnerabilities.
In terms of exploitability, the key difference between reflected and stored XSS is that a stored XSS vulnerability enables attacks that are self-contained within the application itself. The attacker does not need to find an external way of inducing other users to make a particular request containing their exploit. Rather, the attacker places their exploit into the application itself and simply waits for users to encounter it.
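The root cause described above is that stored values are rendered back into HTML unchanged. The following is an added example, not jam-py's own code, showing the vulnerable rendering pattern next to the hardened form (escaping at output time) and a small triage check for values already sitting in the database; the function names, the `<td>`/`<input>` markup and the sample strings are constructed for illustration.

```python
import html

# Constructed samples of what can end up in the database when no input is
# sanitized before saving (the report's Company field of a Customer record).
STORED_COMPANY = "Acme <script>alert(1)</script>"
STORED_COMPANY_ATTR = 'Acme" onfocus="alert(1)'


def render_company_unsafe(company: str) -> str:
    """Vulnerable pattern: the stored value is interpolated straight into HTML,
    so any markup it contains is parsed and executed by the viewer's browser."""
    return f'<td class="company">{company}</td>'


def render_company_safe(company: str) -> str:
    """Hardened form: escape at output time, in element-content context, so
    stored markup is displayed as literal text instead of being executed."""
    return f'<td class="company">{html.escape(company, quote=True)}</td>'


def render_company_input_safe(company: str) -> str:
    """Hardened form for attribute context: quote=True also escapes the double
    quote, so a value cannot break out of value="..." to add new attributes."""
    return f'<input name="company" value="{html.escape(company, quote=True)}">'


def looks_like_markup(value: str) -> bool:
    """Cheap triage check for records already stored before the fix: flags any
    value containing tag-like characters for manual review. This is not a
    sanitizer; output escaping above is what actually prevents execution."""
    return "<" in value or ">" in value


if __name__ == "__main__":
    print(render_company_unsafe(STORED_COMPANY))
    print(render_company_safe(STORED_COMPANY))
    print(render_company_input_safe(STORED_COMPANY_ATTR))
    print("needs review:", looks_like_markup(STORED_COMPANY))
```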