Store XSS in Question Tag in answerdev/answer
Mar 5th 2023
Attackers can use this vulnerability to attack users/admins in the community, take over user/admins accounts, etc...
Proof of Concept
1、Register and log in as a user, add new questions and add tags
2、Insert the following payload in the tag description
<img src=x onerror=alert(localStorage.getItem('_a_lui_'))>
3、Post a question
4、When other users/admins view this tag
Execute malicious js in the community, steal user tokens, etc...
We are processing your report and will contact the answerdev/answer team within 24 hours. 18 days ago
joyqi validated this vulnerability 16 days ago
jeeseensec has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
to join this conversation