| Title | Vanderlande OpenAIR - Baggage 360 v7.0.0 Cross-Site Scripting (XSS) Stored |
|---|---|
| Description | Vanderlande OpenAIR Baggage 360 v7.0.0 is vulnerable to stored XSS in the Messages feature. The endpoint `POST /api-addons/v1/messages` accepts HTML in the message field, stores it, and renders it unescaped. The payload executes when a user opens Bags → [select bag tag] → Interterm Bag Journey Details → Messages. A remote, authenticated low-privileged user can inject a script (e.g., `<img src=x onerror=alert(document.cookie)>`) into the message field and submit it. Anyone who later opens the affected bag tag will execute the JavaScript. The critical risk is that the Bags screen allows bulk selection, so using "Add Message" an attacker can attach the malicious payload to all selected bag tags in a single request. |
| Source | ⚠️ https://github.com/YasserREED/YasserREED-CVEs/edit/main/Vanderlande-OpenAIR-Baggage360/Stored%20Cross-Site%20Scripting%20(XSS).md |
| User | Anonymous User |
| Submission | 09/24/2025 22:43 (7 months ago) |
| Moderation | 10/05/2025 07:54 (10 days later) |
| Status | Accepted |
| VulDB entry | 327189 [Vanderlande Baggage 360 7.0.0 /api-addons/v1/messages Message cross site scripting] |
| Points | 20 |