| 제목 | Onest CRM 1.0 - Stored XSS |
|---|
| 설명 | Author : skalvin aka (CraCkEr)
Date : 25/06/2023
Website : https://onesttech.com/details/crm
Vendor : Onest Tech
Software : ONEST CRM 1.0 - Customer Relationship Management System Software
Vuln Type: Stored XSS
Impact : Manipulate the content of the site
Release Notes:
Allow Attacker to inject malicious code into website, give ability to steal sensitive
information, manipulate data, and launch additional attacks.
## Stored XSS
------------------------------------------------------------
POST /admin/project/update/2 HTTP/2
Content-Disposition: form-data; name="name"
<script>alert(1)</script>
------------------------------------------------------------
POST parameter 'name' is vulnerable to XSS
## Steps to Reproduce:
1. Login (as Client) "Normal User"
2. Go to [Project List] on this Path (https://website/admin/project)
3. Select any Project Click on the ... then Select [Edit]
4. Inject your [XSS Payload] in "Name"
5. Scroll Down and Press [Update]
6. XSS Will Fire on Client Browser
5. When ADMIN Visit the [Project List] to Check the Projects on this Path (https://website/admin/project) in administration Panel
6. XSS will Fire & Executed on his Browser
Note: the Path for [Client Users] and [ADMIN] on the website it looks the same on "/admin/"
but The Client User Panel is Limited & don't show all Administration MENU Options in the Administration Panel to manage the website
[-] Done |
|---|
| 사용자 | skalvin (UID 49463) |
|---|
| 제출 | 2023. 06. 25. PM 01:16 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 07. 04. PM 03:48 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 232953 [Onest CRM 1.0 Project List /admin/project/update/2 이름 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 17 |
|---|