categoly Cross-site Scripting (XSS) - Stored in nuxsmin/syspass
May 21st 2022
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Proof of Concept
- Create new user,add category and add XSS payload(" onClick="alert(1)")
- Search user.
- Click Client tab.
- xss is executed.
Please check this video. https://drive.google.com/file/d/1PAyU-OunbaP9But9ga60ria-W6G3yfTC/view?usp=sharing
Overall, " characters are not escaped. XSS may occur in other areas.