Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Jun 28th 2021
Stored XSS bug using an XSS payload in the full name field; other fields such as address, city and state will work as well.
🕵️‍♂️ Proof of Concept
Create a new user with the following payload in one of the fields I mentioned above (full name, address, etc.):
"><img src=x onerror=alert('xss-ribersec')>
Browse to your profile and see the XSS popup:
https://your_own_url/online-invoicing-system-4.9/app/membership_profile.php
If you want to alert the cookies, simply change the payload to:
"><img src=x onerror=alert(document.cookie)>
Possible to steal admin cookies or take over another account via cookie grepping.
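The pattern behind the report and its fix, as an added example that is not code from online-invoicing-system: a stored profile value echoed raw into an HTML attribute, beside the same value encoded on output, plus a session cookie setting that limits the cookie-theft impact. The function names, the `full_name` field name and the form markup are assumptions; the project's own template code is not shown on this page.

```php
<?php
// Added illustration. Function names, the 'full_name' field name and the
// markup are hypothetical, not taken from online-invoicing-system.

// Defence in depth for the cookie-theft impact: a session cookie marked
// HttpOnly is not readable through document.cookie. Call before session_start().
function harden_session_cookie(): bool
{
    return session_set_cookie_params([
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Lax',
    ]);
}

// Vulnerable pattern: the stored value is concatenated into an attribute as-is,
// so a leading "> closes the attribute and the tag.
function render_profile_field_raw(string $name, string $value): string
{
    return '<input type="text" name="' . $name . '" value="' . $value . '">';
}

// Hardened pattern: encode at output time for the HTML attribute context.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE handles invalid UTF-8.
function render_profile_field_safe(string $name, string $value): string
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5;
    return '<input type="text" name="' . htmlspecialchars($name, $flags, 'UTF-8')
         . '" value="' . htmlspecialchars($value, $flags, 'UTF-8') . '">';
}

harden_session_cookie();

// Constructed sample: the profile value from the report, as it would be stored.
$storedFullName = '"><img src=x onerror=alert(\'xss-ribersec\')>';

$raw  = render_profile_field_raw('full_name', $storedFullName);
$safe = render_profile_field_safe('full_name', $storedFullName);

// Compare the two renderings: only the raw one contains a real <img> element.
echo "raw  contains <img: ", var_export(strpos($raw, '<img') !== false, true), PHP_EOL;
echo "safe contains <img: ", var_export(strpos($safe, '<img') !== false, true), PHP_EOL;
echo $safe, PHP_EOL;
```

Encoding belongs at every place the field is rendered (profile page, admin member list, invoices), since the value is stored once and displayed in several views.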