Stored XSS in Properties Parameter in pimcore/pimcore

Valid

Reported on

Mar 18th 2023

Description

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user

Proof of Concept

1.Go to https://11.x-dev.pimcore.fun/admin/ and login.
2.Then go the Document Edit page.
3.Click on properties button
4.In parameter text filed inject Xss payload `><img src=x onerror=alert(document.domain);>`
5.Click on save button and you can see Xss are triggered.


POC LINK : https://drive.google.com/file/d/1y9JVccNm0MxKqHZ-Fii_lSt5YZwB67ir/view?usp=sharing

Impact

This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites.

We are processing your report and will contact the pimcore team within 24 hours. 2 months ago
We have contacted a member of the pimcore team and are waiting to hear back 2 months ago
pimcore/pimcore maintainer has acknowledged this report 2 months ago
2 months ago

Researcher

Any update on this ?

a month ago

Researcher

Any update on this ?

a month ago

Researcher

Any update on this

Christian F. validated this vulnerability a month ago
Sandeep Dhanwai has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
a month ago

Researcher

Can you assign a CVE please?

Divesh Pahuja marked this as fixed in 10.5.21 with commit 9fc674 a month ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
Divesh Pahuja published this vulnerability a month ago
to join this conversation