| Title | OpenXE Org OpenXE 1.12 Improper Neutralization of Alternate XSS Syntax |
|---|
| Description | Cross Site Scripting in OpenXE v1.12
A low-level user with access to the ticket system can create a ticket containing an XSS payload that has the possibility of taking a higher user's cookie. ]
The vendor claims it to be a low risk and that they might (not) fix it in the future:
--- Vendor response below
Yes we checked it, we consider this a very low risk thing because the ticket system is used only internally. Will maybe be fixed the next time someone does work on this module.
--- End of vendor response
The advisory below is with a simple PoC that will send the cookie to an attacker's IP.
|
|---|
| Source | ⚠️ https://www.singto.io/pocsforexploits/openxe/openxe-xss-ticket.html |
|---|
| User | Jelle Janssens (UID 81048) |
|---|
| Submission | 02/28/2025 09:26 (1 Year ago) |
|---|
| Moderation | 03/09/2025 08:00 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 299050 [OpenXE up to 1.12 Ticket Bearbeiten Page Notizen cross site scripting] |
|---|
| Points | 20 |
|---|