XSS in Schedule tab of Documents in pimcore/pimcore

Valid

Reported on

Mar 8th 2023

Description

pimcore is vulnerable to XSS at Time field in Schedule tab of Document.

Payload

"><img src=x onerror=alert(document.domain);>

Proof of Concept

1.Go to https://demo.pimcore.fun/admin/ and login.
2.In Documents, go to home -> click on Schedule icon to go to this tab.
3.In the Schedule tab, input the payload "><img src=x onerror=alert(document.domain);> into the Time field and press enter.
4.Click on that input field again and keep the mouse pointer hovers on it, you will see the XSS popup triggers.

Impact

This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites.

We are processing your report and will contact the pimcore team within 24 hours. 3 months ago
KhanhCM modified the report
3 months ago
pimcore/pimcore maintainer has acknowledged this report 3 months ago
Divesh Pahuja validated this vulnerability 2 months ago
KhanhCM has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Divesh Pahuja marked this as fixed in 10.5.19 with commit 3a2270 2 months ago
Divesh Pahuja has been awarded the fix bounty
This vulnerability has been assigned a CVE
Divesh Pahuja published this vulnerability 2 months ago
to join this conversation