Reflected Xss using url based payload in neorazorx/facturascripts


Reported on

May 8th 2022


Hi there i found that url parameter is not verified by server so an attacker can use javascript schema to run xss on user's browser

Proof of Concept

  1. Visit this page http://localhost/invoices/EditPageOption?code=ListProducto-new&url=javascript:prompt(2)
  2. Click on back button



Xss can use to steal user's cookies which lead to Account takeover or do any malicious activity in victim's browser

We are processing your report and will contact the neorazorx/facturascripts team within 24 hours. 20 days ago
Distorted_Hacker modified the report
20 days ago
Distorted_Hacker modified the report
20 days ago
We have contacted a member of the neorazorx/facturascripts team and are waiting to hear back 19 days ago
Carlos Garcia validated this vulnerability 18 days ago
Distorted_Hacker has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Carlos Garcia confirmed that a fix has been merged on 8e31d8 18 days ago
Carlos Garcia has been awarded the fix bounty
18 days ago


@admin can you assign cve ?

Jamie Slome
16 days ago


Sorted 👍

to join this conversation