| Title | ZKTeco ZKBio CVSecurity V5000 4.1.0 Filter Bypass leads Stored Cross-Site Scripting to PrivEsc |
|---|
| Description | A filter bypass has been identified in the "Department Name" field that results in Stored Cross-Site Scripting (Stored XSS). This vulnerability allows a user with permissions to edit existing fields or add new ones to the system to inject malicious scripts. This script can steal cookies from administrators or other users and potentially escalate privileges or perform other malicious actions.
Technical details:
The filter bypass issue that leads to Stored Cross-Site Scripting occurs as described below:
Access: Navigate to the Personal / Personnel / Department section.
Action: Edit an existing department or add a new one.
Payload Insertion: In the "Department Name" field, enter the following payload:
"><img src=x onerror="alert``"
Impact: Each time a user accesses the Departments list, the script is executed.
Risks and Consequences:
Cookie Theft: The attacker can capture session cookies from administrators and users, enabling session hijacking.
Privilege Escalation: By stealing cookies, an attacker can gain access to restricted areas of the system, performing actions they should not be able to perform.
Malicious Script Execution: The vulnerability allows the injection of scripts that can perform arbitrary actions in the victim's browser, such as redirecting to malicious websites, modifying displayed content, and more. |
|---|
| Source | ⚠️ https://www.zkteco.com.br/zkbiocvsecurity/ |
|---|
| User | Stux (UID 40142) |
|---|
| Submission | 06.06.2024 16:03 (2 years ago) |
|---|
| Moderation | 14.06.2024 17:29 (8 days later) |
|---|
| Status | accepted |
|---|
| VulDB entry | 268693 [ZKTeco ZKBio CVSecurity V5000 4.1.0 Department Section Department Name cross-site scripting] |
|---|
| Points | 20 |
|---|
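
The standard mitigation for the stored XSS described above is to HTML-encode the Department Name wherever it is rendered, rather than relying on an input filter. The following is an added example, not code from ZKTeco or from the submitter: the deny-list filter, the row markup and all function names are assumptions, and only the payload string is taken from the report.

```javascript
// Added example: constructed code, not taken from ZKBio CVSecurity.
// The payload is the string quoted in the report above.
const PAYLOAD = '"><img src=x onerror="alert``"';

// Hypothetical deny-list input filter (assumption): rejects <script> tags
// and call parentheses only. The reported payload uses neither.
function denyListAccepts(value) {
  return !/<\s*script/i.test(value) && !/[()]/.test(value);
}

// Output encoding for HTML text and quoted attribute values.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#x27;', '`': '&#x60;',
};
function escapeHtml(value) {
  return String(value).replace(/[&<>"'`]/g, (ch) => HTML_ENTITIES[ch]);
}

// Hypothetical department row: the stored name is placed in an attribute.
function renderRowUnsafe(name) {
  return `<tr><td><input name="deptName" value="${name}"></td></tr>`;
}
function renderRowSafe(name) {
  return `<tr><td><input name="deptName" value="${escapeHtml(name)}"></td></tr>`;
}

// Regression check: list start tags in the output that the template itself
// never emits. Any hit means stored data was interpreted as markup.
function unexpectedTags(html, allowed = ['tr', 'td', 'input']) {
  const names = [...html.matchAll(/<\s*([a-z][a-z0-9]*)/gi)]
    .map((m) => m[1].toLowerCase());
  return names.filter((n) => !allowed.includes(n));
}

console.log('deny-list accepts payload:', denyListAccepts(PAYLOAD));
console.log('unsafe render adds tags:', unexpectedTags(renderRowUnsafe(PAYLOAD)));
console.log('safe render adds tags:', unexpectedTags(renderRowSafe(PAYLOAD)));
console.log('encoded value:', escapeHtml(PAYLOAD));
```

A check like `unexpectedTags` can run in a test suite against every view that lists department names, since the report notes the script fires each time the Departments list is opened.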