Stored XSS in Site Name in answerdev/answer


Reported on

Feb 8th 2023


Stored Cross-site Scripting (XSS) vulnerability in Site name of answerdev/answer

Proof of Concept

  1. Log in then
  2. Admin ---> Setting ---> General
  3. Enter below payload at Site Name

For More Understanding please check POC:

// PoC.js
var payload = #"><img src=/ onerror=alert(722)>


The attacker can execute arbitrary javascript in the admin account using this XSS

We are processing your report and will contact the answerdev/answer team within 24 hours. 2 months ago
We have contacted a member of the answerdev/answer team and are waiting to hear back 2 months ago
joyqi validated this vulnerability 24 days ago
Sanket Salavi has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
joyqi marked this as fixed in 1.0.6 with commit 9870ed 24 days ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
joyqi published this vulnerability 24 days ago
to join this conversation