stored XSS through Question sending in thorsten/phpmyfaq
Reported on
Jan 23rd 2023
Dear Ladies and Gentlemen,
First of all, thank you for your time and effort in reading my Report.
While doing the Penetration Test my Brother Ahmed Hassan (hassanahmed8199@gmail.com) and I were able to identify another stored XSS Cross-Site-Scripting Injection Vulnerability.
The Process of the Vulnerability:
Login
Go to https://roy.demo.phpmyfaq.de/index.php?action=ask&category_id=0
Any User will be able to submit questions that need to be verified by the Administrator.
As soon as the Administrator will review the Question and accept it the Javascript Code will work after refreshment.
The User can submit JavaScript Code and it will run as Code.
Type any kind of JavaScript Code like <script>alert(‘1’)</script>
The Attacker can inject JavaScript Code and steal the Admin Cookies
Through this, any Attacker can inject JavaScript Code and use further Vulnerabilities to use other Exploitation Steps.
Finally, I want to thank you for your time and effort, and hope to hear from you soon.
Best regards Josef Hassan & Ahmed Hassan
Impact
Dear Ladies and Gentlemen,
First of all, thank you for your time and effort in reading my Report.
While doing the Penetration Test my Brother Ahmed Hassan (hassanahmed8199@gmail.com) and I were able to identify another stored XSS Cross-Site-Scripting Injection Vulnerability.
The Process of the Vulnerability:
Login
Go to https://roy.demo.phpmyfaq.de/index.php?action=ask&category_id=0
Any User will be able to submit questions that need to be verified by the Administrator.
As soon as the Administrator will review the Question and accept it the Javascript Code will work after refreshment.
The User can submit JavaScript Code and it will run as Code.
Type any kind of JavaScript Code like <script>alert(‘1’)</script>
The Attacker can inject JavaScript Code and steal the Admin Cookies
Through this, any Attacker can inject JavaScript Code and use further Vulnerabilities to use other Exploitation Steps.
Finally, I want to thank you for your time and effort, and hope to hear from you soon.
Best regards Josef Hassan & Ahmed Hassan