जमा करें #50338: Unauthenticated Stored XSS in apinto-dashboard <= v1.1.0-beta via callback, usernameजानकारी

शीर्षक	Unauthenticated Stored XSS in apinto-dashboard <= v1.1.0-beta via callback, username
विवरण	# Get start repo: https://github.com/eolinker/apinto-dashboard 1,Download and unzip the installation package Apinto 2,Start gateway 3,Download and unzip the installation package Apinto Dashboard 4,Start Apinto Dashboard ```bash wget https://github.com/eolinker/apinto/releases/download/v0.8.0/apinto-v0.8.0.linux.x64.tar.gz && tar -zxvf apinto-v0.8.0.linux.x64.tar.gz && cd apinto ./apinto start cd .. wget https://github.com/eolinker/apinto-dashboard/releases/download/v1.1.0-beta/apinto-dashboard-v1.1.0-beta.linux.x64.tar.gz && tar -zxvf apinto-dashboard-v1.1.0-beta.linux.x64.tar.gz && cd apinto-dashboard ./apinto-dashboard ``` # Unauthenticated Stored XSS While user loging, the wrong user name and callback parameter will be recorded in the activity log, but the output parameters are not escaped correctly, external attacker can inject arbitrary js code. poc: open /login?callback=/<img src=1 onerror=alert(/2nd-xss/)> enter `<img src=1 onerror=alert(/1st-xss/)>` at the username ![](https://c2.im5i.com/2022/11/01/XrTL4.png) ![](https://c2.im5i.com/2022/11/01/XrXvW.png) then open /activity-log ![](https://c2.im5i.com/2022/11/01/Xrjjd.png) ![](https://c2.im5i.com/2022/11/01/XrHKR.png)
उपयोगकर्ता	Tomy (UID 34751)
सबमिशन	01/11/2022 11:54 AM (4 साल पहले)
संयम	01/11/2022 04:50 PM (5 hours later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	212640 [eolinker apinto-dashboard /login callback क्रॉस साइट स्क्रिप्टिंग]
अंक	17

◂ पिछला सिंहावलोकन अगला ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!