Reflected Xss using url based payload in neorazorx/facturascripts
Valid
Reported on
May 8th 2022
Description
Hi there i found that url parameter is not verified by server so an attacker can use javascript schema to run xss on user's browser
Proof of Concept
- Visit this page http://localhost/invoices/EditPageOption?code=ListProducto-new&url=javascript:prompt(2)
- Click on back button
PoC:-
https://youtu.be/l1uHfNa2p58
Impact
Xss can use to steal user's cookies which lead to Account takeover or do any malicious activity in victim's browser
We are processing your report and will contact the
neorazorx/facturascripts
team within 24 hours.
20 days ago
Distorted_Hacker modified the report
20 days ago
Distorted_Hacker modified the report
20 days ago
We have contacted a member of the
neorazorx/facturascripts
team and are waiting to hear back
19 days ago
The researcher's credibility has increased: +7
Carlos Garcia
has been awarded the fix bounty
to join this conversation