Cross-site Scripting (XSS) - Stored in notrinos/notrinoserp

Valid

Reported on

May 8th 2022

Description

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Proof of Concept

Add Item,And name is payload (<script>alert(location)</script>). https://drive.google.com/file/d/148ERlRpfmNDpNXY4X3sW8SqP_UOmute8/view?usp=sharing

Click Item list,xss is executed. https://drive.google.com/file/d/1ITonDK4LRg4fEsL8FY7-1G7dTwIhqlJo/view?usp=sharing https://drive.google.com/file/d/1eMU6WD6ZZiqCKE9f08iUKFjJo2fRJyeg/view?usp=sharing

Impact

Every user clicking the menu can be affected by malicious javascript code created by the attacker.

We are processing your report and will contact the notrinos/notrinoserp team within 24 hours. a year ago

We created a GitHub Issue asking the maintainers to create a SECURITY.md a year ago

We have contacted a member of the notrinos/notrinoserp team and are waiting to hear back a year ago

Phương gave praise a year ago

The problem has been reproduced and fixed. Thanks @nickshadows

The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1

Phương validated this vulnerability a year ago

Nick has been awarded the disclosure bounty

The fix bounty is now up for grabs

The researcher's credibility has increased: +7

Phương marked this as fixed in 0.7 with commit 036277 a year ago

The fix bounty has been dropped

This vulnerability will not receive a CVE

Nick

commented a year ago

Researcher

@admin can you pls assign a CVE for this?

Jamie Slome

commented a year ago

Admin

Same here, happy to proceed with a CVE once we get the go-ahead from the maintainer 👍

Nick

commented a year ago

Researcher

@maintainer , I would be glad if you could approve for CVE.

Phương

commented a year ago

Maintainer

Same here, happy to proceed with a CVE once we get the go-ahead from the maintainer 👍

@admin yes please go ahead

Jamie Slome

commented a year ago

Admin

Sorted 👍

to join this conversation

We are processing your report and will contact the notrinos/notrinoserp team within 24 hours. a year ago

We created a GitHub Issue asking the maintainers to create a SECURITY.md a year ago

We have contacted a member of the notrinos/notrinoserp team and are waiting to hear back a year ago

Phương gave praise a year ago

The problem has been reproduced and fixed. Thanks @nickshadows

The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1

Phương validated this vulnerability a year ago

Nick has been awarded the disclosure bounty

The fix bounty is now up for grabs

The researcher's credibility has increased: +7

Phương marked this as fixed in 0.7 with commit 036277 a year ago

The fix bounty has been dropped

This vulnerability will not receive a CVE

Nick

commented a year ago

Researcher

@admin can you pls assign a CVE for this?

Jamie Slome

commented a year ago

Admin

Same here, happy to proceed with a CVE once we get the go-ahead from the maintainer 👍

Nick

commented a year ago

Researcher

@maintainer , I would be glad if you could approve for CVE.

Phương

commented a year ago

Maintainer

Same here, happy to proceed with a CVE once we get the go-ahead from the maintainer 👍

@admin yes please go ahead

Jamie Slome

commented a year ago

Admin

Sorted 👍

to join this conversation