Cross-site Scripting (XSS) - Reflected in cortezaproject/corteza-server
Valid
Reported on Feb 11th 2022
Description
The logout function doesn't clean/filter the value of the "back" parameter before reflecting it into the HTML code, leading to a Reflected XSS vulnerability.
Proof of Concept
Visit URL: https://latest.cortezaproject.org/auth/logout?back=%22%3E%3Cscript%3Ealert(origin)%3C/script%3E%3C%22
PoC: https://drive.google.com/file/d/13LU2PhHgD9_82gSxKwoo3266YdpMxWlD/view?usp=sharing
Impact
Reflected XSS. An attacker can steal a user's data or carry out a phishing attack.
Occurrences
We are processing your report and will contact the cortezaproject/corteza-server team within 24 hours.
4 months ago
We have contacted a member of the cortezaproject/corteza-server team and are waiting to hear back
4 months ago
We have sent a follow up to the cortezaproject/corteza-server team. We will try again in 7 days.
3 months ago
We have sent a second follow up to the cortezaproject/corteza-server team. We will try again in 10 days.
3 months ago
handle_logout.go#L25 has been validated
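
The Go sketch below is an added example, not code from corteza-server or from the report. It contrasts unescaped reflection of "back" with a handler that restricts "back" to a same-site path and renders it through html/template. The function names, the template and the assumption that the value lands in an href attribute are hypothetical.

```go
package main

import (
	"fmt"
	"html/template"
	"net/url"
	"strings"
)

// renderUnsafe shows the bug class: the raw query value is concatenated
// into an attribute, so a quote in "back" closes it and injects markup.
func renderUnsafe(back string) string {
	return `<a href="` + back + `">Return</a>`
}

// logoutPage is a hypothetical template; html/template escapes {{.Back}}
// for the URL-attribute context it sits in.
var logoutPage = template.Must(template.New("logout").Parse(
	`<a href="{{.Back}}">Return</a>`))

// safeBack allows only same-site absolute paths and falls back to "/".
func safeBack(raw string) string {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "" || u.Host != "" {
		return "/" // unparsable, or points at another scheme/host
	}
	if !strings.HasPrefix(u.Path, "/") || strings.HasPrefix(raw, "//") || strings.Contains(raw, `\`) {
		return "/" // not a plain path, or a form browsers may read as a host
	}
	return u.String()
}

// renderSafe validates the target first, then lets the template escape it.
func renderSafe(back string) (string, error) {
	var sb strings.Builder
	err := logoutPage.Execute(&sb, struct{ Back string }{safeBack(back)})
	return sb.String(), err
}

func main() {
	// Constructed inputs; the first is the decoded payload from the PoC URL above.
	inputs := []string{`"><script>alert(origin)</script><"`, "/auth/login", "//other.example/x"}
	for _, in := range inputs {
		safe, _ := renderSafe(in)
		fmt.Printf("in:     %s\nunsafe: %s\nsafe:   %s\n\n", in, renderUnsafe(in), safe)
	}
}
```

Validation and escaping are separate controls here: the allow-list stops the parameter from pointing off-site, while the template's contextual escaping keeps any accepted value from breaking out of the attribute.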