Stored XSS in tsolucio/corebos
Reported on
Apr 24th 2023
Description
I tested the demo site you provided. I see that there is an XSS vulnerability. I hope you can check and provide a fix as soon as possible.
Proof of Concept
link video PoC
https://drive.google.com/file/d/186jNX2EJW_aIaknmOmwBhQ663SSzv289/view?usp=sharing
Step
1.Go to my preferences and edit
2.Edit email and press save --> intercept burp
3.Add this line to the email in burp and press forward
"><script>alert(1)</script><"
4.Turn off intercept in burp and go back to my preferences click on email to compose message
I see that the code that I added to the email has been executed
Impact
(1) It enables intruders to manipulate background data maliciously, including reading, changing, adding and deleting some information.
(2) Stealing users' personal information or login accounts will pose a huge threat to the user security of the website.
(3) First, embed the malicious attack code into the Web application. When the user browses the hanging horse page, the user's computer will be implanted with a Trojan horse.
(4) Send advertisements or spam messages. Attackers can use XSS vulnerabilities to plant advertisements or send spam, seriously affecting the normal use of users.
user can insert xss code into their gmail to hijack admin session cookie when admin click send mail to that user
https://drive.google.com/file/d/12lltnwN-MlMpaKp1eyxeqysOoF0JFylm/view?usp=sharing
@admin It's been almost 2 weeks but haven't received any knowledge from tsolucio team. Can you try contacting other members from the group?
Hey @H4ck3r, this is as far as our outreach attempts go at the moment. Feel free to try and contact the maintainer directly yourself to see if you can get their attention to your report. Thanks!
