XSS in Workflow Comment in squidex/squidex

Valid

Reported on

Dec 12th 2022


Description

An XSS vulnerability in Workflow Comment allows a user to insert a JavaScript payload in a comment.

Proof of Concept

  1. Navigate to the dashboard and workflow settings.
  2. Open the comment in the side-bar and insert a payload like this:
     <h1 onclick=alert(1)> test</h1>

POC:

https://drive.google.com/file/d/1upZSc4JL6hpQDwcO5ldaf2czpjU66caJ/view?usp=sharing

Impact

Execute JavaScript in the victim's browser.
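
The report's payload run through an unencoded and an encoded comment renderer, with two regression checks a test suite could keep. This is an added example, not code from the report or from Squidex, and it does not represent the fix in the referenced commit; all function names and the comment object shape are assumptions made for illustration.

```javascript
// Added illustration; function names are hypothetical and this is not Squidex code.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode every character that can open a tag, an attribute value or an entity.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: comment fields are concatenated into markup unchanged.
function renderCommentUnsafe(comment) {
  return `<div class="comment"><b>${comment.user}</b>: ${comment.text}</div>`;
}

// Hardened pattern: every user-controlled field is encoded for the HTML context.
function renderCommentSafe(comment) {
  return `<div class="comment"><b>${escapeHtml(comment.user)}</b>: ${escapeHtml(comment.text)}</div>`;
}

// Regression check: list elements in the output that the template itself did not emit.
function injectedTags(html) {
  const tags = [...html.matchAll(/<\s*([a-zA-Z][\w-]*)/g)].map((m) => m[1].toLowerCase());
  return tags.filter((t) => t !== 'div' && t !== 'b');
}

// Regression check: true if any tag carries an inline on* event-handler attribute.
function hasInlineHandler(html) {
  return /<[^>]*\son\w+\s*=/i.test(html);
}

// Constructed sample comment carrying the payload quoted in the report.
const sample = { user: 'reviewer', text: '<h1 onclick=alert(1)> test</h1>' };

console.log('unsafe:', renderCommentUnsafe(sample), injectedTags(renderCommentUnsafe(sample)));
console.log('safe:  ', renderCommentSafe(sample), injectedTags(renderCommentSafe(sample)));
```

Binding the comment as text in the UI framework (for example via textContent rather than innerHTML) gives the same result without hand-written encoding.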

We are processing your report and will contact the squidex team within 24 hours. a month ago
We have contacted a member of the squidex team and are waiting to hear back a month ago
Sebastian Stehle validated this vulnerability a month ago
reza.duty has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Sebastian Stehle marked this as fixed in 7.4.0 with commit cf4efc a month ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
This vulnerability is scheduled to go public on Dec 19th 2022