| Title | Onest CRM 1.0 - Stored XSS |
|---|
| Description | Author : skalvin aka (CraCkEr)
Date : 25/06/2023
Website : https://onesttech.com/details/crm
Vendor : Onest Tech
Software : ONEST CRM 1.0 - Customer Relationship Management System Software
Vuln Type: Stored XSS
Impact : Manipulate the content of the site
Release Notes:
Allow Attacker to inject malicious code into website, give ability to steal sensitive
information, manipulate data, and launch additional attacks.
## Stored XSS
------------------------------------------------------------
POST /admin/project/update/2 HTTP/2
Content-Disposition: form-data; name="name"
<script>alert(1)</script>
------------------------------------------------------------
POST parameter 'name' is vulnerable to XSS
## Steps to Reproduce:
1. Login (as Client) "Normal User"
2. Go to [Project List] on this Path (https://website/admin/project)
3. Select any Project Click on the ... then Select [Edit]
4. Inject your [XSS Payload] in "Name"
5. Scroll Down and Press [Update]
6. XSS Will Fire on Client Browser
5. When ADMIN Visit the [Project List] to Check the Projects on this Path (https://website/admin/project) in administration Panel
6. XSS will Fire & Executed on his Browser
Note: the Path for [Client Users] and [ADMIN] on the website it looks the same on "/admin/"
but The Client User Panel is Limited & don't show all Administration MENU Options in the Administration Panel to manage the website
[-] Done |
|---|
| User | skalvin (UID 49463) |
|---|
| Submission | 06/25/2023 13:16 (3 years ago) |
|---|
| Moderation | 07/04/2023 15:48 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 232953 [Onest CRM 1.0 Project List /admin/project/update/2 Name cross site scripting] |
|---|
| Points | 17 |
|---|