HTML Injection in Activity in squidex/squidex
Valid
Reported on Dec 12th 2022
Description
HTML injection in the Activity list: it only needs an HTML payload in a workflow, and the payload fires in the Activity list.
Proof of Concept
- Navigate to the dashboard and the workflow settings
- Insert a new workflow with this payload:
  <h1>test</h1>
- Open the activity list
POC:
https://drive.google.com/file/d/1yDznjYdHFZ4WJNRk8LEHlZhvonyghZQE/view?usp=sharing
https://drive.google.com/file/d/1kBA8oF-SaMVI8aVkM39Ora8GBdDvKjIT/view?usp=sharing
Impact
Insert HTML characters into the activity list and change the response with special characters.
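The rendering problem described above, as an added example that is not part of the original report and is not Squidex code: a hypothetical activity renderer that concatenates the stored workflow name into markup, next to a version that escapes it, plus a regression check that flags injected tags. The function names, the entry shape and the sample actor are assumptions made for illustration.

```javascript
// Added illustration; hypothetical renderer, not taken from the Squidex code base.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Single-pass replacement, so '&' produced by one escape is never escaped twice.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Before: user-controlled fields are concatenated straight into markup.
function renderActivityUnsafe(entry) {
  return `<li>${entry.actor} created workflow ${entry.workflowName}</li>`;
}

// After: every user-controlled field is escaped at the point of output.
function renderActivitySafe(entry) {
  return `<li>${escapeHtml(entry.actor)} created workflow ${escapeHtml(entry.workflowName)}</li>`;
}

// Regression check: after removing the template's own <li> wrapper,
// any remaining tag must have come from stored data.
function containsInjectedMarkup(html) {
  const inner = html.replace(/^<li>/, '').replace(/<\/li>$/, '');
  return /<\/?[a-zA-Z][^>]*>/.test(inner);
}

// Constructed sample entry using the payload from the report.
const sampleEntry = { actor: 'editor@example.com', workflowName: '<h1>test</h1>' };

console.log(renderActivityUnsafe(sampleEntry), containsInjectedMarkup(renderActivityUnsafe(sampleEntry)));
console.log(renderActivitySafe(sampleEntry), containsInjectedMarkup(renderActivitySafe(sampleEntry)));
```

A check like `containsInjectedMarkup` fits in a unit test for the list component, so a later template change that reintroduces raw concatenation fails the build.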
We are processing your report and will contact the squidex team within 24 hours.
3 months ago
We have contacted a member of the squidex team and are waiting to hear back
3 months ago
The researcher's credibility has increased: +7
Thanks a lot for your contribution
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
The fix bounty has been dropped
This vulnerability has been assigned a CVE
This vulnerability is scheduled to go public on Feb 1st 2023