XSS in compose mail functionality in modoboa/modoboa-webmail
Feb 1st 2023
Reflected cross-site scripting (or XSS) arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way.
Proof of Concept
- Step 1: Log in as a normal user.
- Step 2: Click on webmail and click on compose.
- Step 3: Now enter "<svg/onload=alert(document.domain)"@demo.local; also try this payload: "><img src=x onerror=alert(document.domain)>
Now the web page renders the JS and we can see the popup in the browser.
XSS can cause a variety of problems for the end user that range in severity from an annoyance to complete account compromise. The most severe XSS attacks involve disclosure of the user's session cookie, allowing an attacker to hijack the user's session and take over the account.
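An added example, not modoboa-webmail code and not the change from PR 242: the reflected-input pattern described above next to an output-encoded version, exercised with the two payloads from step 3. The HTML template, the function names and the address allow-list are assumptions made for illustration.

```python
import html
import re

# Payloads quoted in step 3 of the report's Proof of Concept.
REPORT_PAYLOADS = [
    '"<svg/onload=alert(document.domain)"@demo.local',
    '"><img src=x onerror=alert(document.domain)>',
]

# Hypothetical strict allow-list for a recipient address (an assumption,
# not modoboa's validator). Reject first, encode anyway.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def is_valid_recipient(recipient: str) -> bool:
    return ADDRESS_RE.fullmatch(recipient) is not None


def render_unsafe(recipient: str) -> str:
    """Vulnerable pattern: request data concatenated into the response HTML."""
    return ('<input name="to" value="' + recipient + '">'
            "<p>Invalid address: " + recipient + "</p>")


def render_safe(recipient: str) -> str:
    """Hardened pattern: encode for HTML text and quoted-attribute context."""
    encoded = html.escape(recipient, quote=True)
    return ('<input name="to" value="' + encoded + '">'
            "<p>Invalid address: " + encoded + "</p>")


def has_injected_tag(fragment: str) -> bool:
    """Regression helper: True if any tag other than the template's own
    <input> and <p> appears. It only looks for new tags; attribute breakout
    is prevented by quote=True above, not detected here."""
    tags = re.findall(r"<\s*([A-Za-z][A-Za-z0-9]*)", fragment)
    return any(t.lower() not in ("input", "p") for t in tags)


if __name__ == "__main__":
    for payload in REPORT_PAYLOADS:
        print("valid address:", is_valid_recipient(payload))
        print("unsafe injects tag:", has_injected_tag(render_unsafe(payload)))
        print("safe injects tag:", has_injected_tag(render_safe(payload)))
```

Keeping the report's payloads as fixtures in the project's test suite gives a regression check that fails if the encoding step is ever removed.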
Here is the PR that fixes this issue: https://github.com/modoboa/modoboa-webmail/pull/242
@admin can you please assign a CVE for this report?
CVE assignment is in the hands of the maintainer, please refrain from tagging admins for this request. Thanks :)