Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

Valid

Reported on

Mar 3rd 2022


Description

Please enter a description of the vulnerability.

Proof of Concept

XSS in function add domain
POST /add/web
v-custom-doc-domain=<script>alert(1)</script>
https://drive.google.com/file/d/1EeoOX7Pmn5ptuweine4Cgcy1fyd6qEzJ/view?usp=sharing

Impact

We are processing your report and will contact the hestiacp team within 24 hours. a year ago
Jaap Marcus validated this vulnerability a year ago
huydoppa has been awarded the disclosure bounty
The fix bounty is now up for grabs
Jaap Marcus
a year ago

Maintainer


@admin please assign a CVE for this issue

Jamie Slome
a year ago

Admin


CVE assigned (CVE-2022-0838)! 🎊

Jamie Slome
a year ago

Admin


Please ping me once you are ready to publish the fix and make the report public, and I will publish the CVE to MITRE.

huydoppa
a year ago

Researcher


https://www.huntr.dev/bounties/8ce4b776-1c53-45ec-bc5f-783077e2d324/ have 10$ for report

Jaap Marcus
a year ago

Maintainer


Rules have changed and Huntr.dev doesn't pay anything for Medium or Low CVSS score on non-featured ones ... Due to complaints from maintainers. See Huntr.dev Discord channel

Jaap Marcus
a year ago

Maintainer


Bug was present in a JavaScript function that displays the domain and didn't sanitise it...

Jaap Marcus marked this as fixed in 1.5.10 with commit 640f82 a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
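
The maintainer's comment above attributes the bug to a JavaScript function that displays the domain without sanitising it. The sketch below is an added example, not HestiaCP's code or the fix commit: it shows that pattern beside a hardened form, with hypothetical function names and markup, and the hostname allow-list is an assumption about what the field should accept.

```javascript
// Added example: all names here are hypothetical, not from the HestiaCP code base.

// Constructed sample input: the value used in the proof of concept above.
const SAMPLE_INPUT = '<script>alert(1)</script>';

const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Allow-list check (assumption): dot-separated letter/digit/hyphen labels,
// 1-63 characters each, 253 characters in total.
function isValidHostname(value) {
  if (typeof value !== 'string' || value.length === 0 || value.length > 253) return false;
  const label = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/i;
  return value.split('.').every((part) => label.test(part));
}

// Vulnerable pattern: the request value is concatenated into markup unchanged.
function renderDomainUnsafe(domain) {
  return '<span class="domain">' + domain + '</span>';
}

// Hardened pattern: reject anything that is not a hostname, then encode on
// output anyway so a later change to the validator cannot reopen the hole.
function renderDomainSafe(domain) {
  if (!isValidHostname(domain)) {
    return '<span class="domain error">invalid domain</span>';
  }
  return '<span class="domain">' + escapeHtml(domain) + '</span>';
}

// Output encoding alone, for fields that must display arbitrary text.
function renderTextSafe(text) {
  return '<span class="domain">' + escapeHtml(text) + '</span>';
}

console.log('unsafe:   ', renderDomainUnsafe(SAMPLE_INPUT));
console.log('validated:', renderDomainSafe(SAMPLE_INPUT));
console.log('encoded:  ', renderTextSafe(SAMPLE_INPUT));
```

When the value is written into the page from client-side script, assigning it through `textContent` instead of building an HTML string has the same effect as the encoding step.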
Jamie Slome
a year ago

Admin


CVE published! 🎉
