Stored Cross Site Scripting in the username in wallabag/wallabag
Feb 2nd 2023
Stored XSS occurs when an attacker injects malicious code into a website, which is then stored on the server. In this case, the malicious code is being stored as the user's username.
When someone accesses the shared page, the website retrieves the user's username from the server and displays it as part of the message "shared by". At this point, the XSS payload is executed.
Proof of Concept
Allows the attacker to execute malicious code on the victim's browser. This can potentially lead to a wide range of security problems, such as stealing sensitive information, hijacking user sessions, and more.
Jérémy Benoist validated this vulnerability a month ago
Gabriel Vernilo has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Jérémy Benoist marked this as fixed in 2.5.4 with commit 4e023b a month ago
This vulnerability has been assigned a CVE
A wallabag/wallabag maintainer gave praise a month ago
Thank you @gabriel-vernilo !
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
commented a month ago
to join this conversation