Reflected XSS on msg Parameter in unilogies/bumsys

Valid

Reported on

Jan 16th 2023

Description

Hello Team, Hope you're doing well, There is no sanitization for the user input in msg parameter on the print.php file.

Proof of Concept

for some reason, I don't know why I can't prove the vulnerability on demo.bumsys.org but here is the PoC payload is:

/print.php?msg=<script>alert(document.domain)</script>

Impact

View and modify all information that the user has access to and take actions within the application that the user can perform.

Occurrences

We are processing your report and will contact the unilogies/bumsys team within 24 hours. 2 months ago
We have contacted a member of the unilogies/bumsys team and are waiting to hear back 2 months ago
Khurshid Alam validated this vulnerability 2 months ago
Mustafa A.Taha has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Khurshid Alam
2 months ago

Maintainer

Hello @mu57f4, Thank you so much for informing us. We will fix the issue as soon as possible.

Khurshid Alam marked this as fixed in v1.0.3-beta with commit 0d0472 2 months ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
Khurshid Alam published this vulnerability 2 months ago
print.php#L109 has been validated
to join this conversation