Cross-site Scripting (XSS) - Stored in arachnys/cabot
Sep 5th 2020
Persistent (stored) XSS can be executed in the cabot check settings, as well as in the address field. As per the CVEs present, stored XSS is a High Severity bug.
Proof of Concept
- Set up cabot to reproduce the vulnerability.
- Create an account, then log in to the account.
- Go to Checks, click Create and navigate to the HTTP check. In the Endpoint column, append an XSS payload. You can also create
- A failed check now appears; click the run button for that check.
- The XSS is triggered and we get output.
- If we try again, the persistent XSS gets triggered: https://drive.google.com/file/d/1hcRdxOArwzYlPOmBIj9sDkpLLGUXpiu2/view?usp=sharing https://drive.google.com/file/d/1wrgPledd9WVQ69Yk84S3z3ZjusoDJXli/view?usp=sharing
Persistent stored XSS payloads can be executed in cabot, which can be used to capture user cookies.
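The mitigation for the steps above, as an added example that is not cabot's code or part of the original report: the Endpoint value is validated as a plain http(s) URL when saved and HTML-escaped when rendered. The function names, the table-row markup and the sample value are assumptions made for illustration, as is the premise that the stored value reaches the page through HTML rendering.

```python
import html
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Characters that never appear unencoded in a well-formed URL but are needed for HTML injection.
FORBIDDEN_CHARS = set("<>\"'`\\")


def validate_endpoint(value: str) -> str:
    """Input-side check: accept only absolute http(s) URLs free of markup characters."""
    value = value.strip()
    parts = urlsplit(value)  # may itself raise ValueError on malformed input
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.hostname:
        raise ValueError("endpoint must be an absolute http(s) URL")
    if any(ch in FORBIDDEN_CHARS or ord(ch) <= 0x20 or ord(ch) == 0x7F for ch in value):
        raise ValueError("endpoint contains characters that must be percent-encoded")
    return value


def render_check_row_unsafe(name: str, endpoint: str) -> str:
    """Vulnerable pattern: stored values are concatenated into HTML as-is."""
    return "<tr><td>%s</td><td>%s</td></tr>" % (name, endpoint)


def render_check_row(name: str, endpoint: str) -> str:
    """Output-side fix: HTML-escape every stored value at the point of rendering."""
    return "<tr><td>%s</td><td>%s</td></tr>" % (
        html.escape(name, quote=True),
        html.escape(endpoint, quote=True),
    )


# Constructed sample value, standing in for what a user could type into the Endpoint field.
SAMPLE_ENDPOINT = 'https://example.test/health"><script>alert(1)</script>'

if __name__ == "__main__":
    print(render_check_row_unsafe("demo check", SAMPLE_ENDPOINT))  # markup survives
    print(render_check_row("demo check", SAMPLE_ENDPOINT))         # markup is neutralised
    try:
        validate_endpoint(SAMPLE_ENDPOINT)
    except ValueError as exc:
        print("rejected at save time:", exc)
```

Escaping at render time is the control that matters most, since it also covers values that were stored before any save-time validation existed.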