Reflected XSS on ticket filter function in polonel/trudesk
Valid
Reported on
May 6th 2022
Description
The ticket management filter in Trudesk v1.2.0 allows a user to perform XSS due to improper validation of filter attributes such as "status", "ticket type", "assignee", etc.
Proof of Concept
- Log in to Trudesk with user role privileges
- Tickets -> Filter ticket
- Filter by ticket status (PoC on the status attribute)
- Insert the payload in the filter result
Endpoint
- http://{IP}/tickets/filter/
Payload used
- "><img src=a onerror=alert(document.domain)>
Impact
This vulnerability allows malicious JavaScript code to be executed in the web page.
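The payload above works because a double quote in the filter value closes the HTML attribute it is rendered into, after which the rest is parsed as markup. The following added example (not Trudesk code and not part of the original report) contrasts unescaped and escaped rendering of a filter value and adds input validation; the helper names, the query keys and the identifier-only rule for filter values are assumptions.

```javascript
// Added example: hypothetical helpers, not taken from the Trudesk code base.

// Constructed sample input: the payload quoted in the report.
const REPORTED_PAYLOAD = '"><img src=a onerror=alert(document.domain)>';

// Vulnerable pattern: the filter value is concatenated into an attribute unescaped,
// so a double quote ends the attribute and the remainder becomes live markup.
function renderFilterUnsafe(name, value) {
  return '<input type="hidden" name="' + name + '" value="' + value + '">';
}

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Output encoding for HTML text and quoted-attribute contexts.
function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened pattern: every dynamic value is encoded at the point of output.
function renderFilterSafe(name, value) {
  return '<input type="hidden" name="' + escapeHtml(name) + '" value="' + escapeHtml(value) + '">';
}

// Input validation (assumed rule): status, type and assignee filters carry
// identifiers only, so anything that is not a short hex/numeric id is dropped.
const ID_PATTERN = /^[0-9a-fA-F]{1,24}$/;
const ID_FIELDS = new Set(['status', 'type', 'assignee']); // assumed query keys

function sanitizeFilterQuery(query) {
  const clean = {};
  for (const [key, raw] of Object.entries(query)) {
    if (!ID_FIELDS.has(key)) continue; // unknown filter keys are ignored
    const values = Array.isArray(raw) ? raw : [raw];
    const kept = values.filter((v) => typeof v === 'string' && ID_PATTERN.test(v));
    if (kept.length > 0) clean[key] = kept;
  }
  return clean;
}

// Regression check helper: true if rendered markup contains an injected <img> element.
function containsInjectedTag(html) {
  return /<img\b/i.test(html);
}
```

Validation and output encoding are complementary: validation rejects the value early, while encoding protects any filter field that legitimately accepts free text.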
Occurrences
We are processing your report and will contact the polonel/trudesk team within 24 hours.
a year ago
din modified the report
a year ago
We have contacted a member of the polonel/trudesk team and are waiting to hear back
a year ago
We have sent a follow up to the polonel/trudesk team. We will try again in 7 days.
a year ago
The researcher's credibility has increased: +7
tickets.js#L217-L261 has been validated