Cross-site Scripting (XSS) - Stored in changeweb/unifiedtransform
May 18th 2021
Stored Cross Site Scripting in the message/all.blade.php.
🕵️♂️ Proof of Concept
As a teacher, click on "My Courses" and then "message students". CKEditor hides the underlying
<textarea> where we can add
<script> tag or capture the request in a proxy like burpsuite and edit the HTTP POST request.
This vulnerability can be used to gain access to student's account as well as admin's account as the view rendered by message/all.blade.php is accessible by admin also.