Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

ERPNext 12.29 - Cross-Site Scripting (XSS)

🗓️ 05 Apr 2023 00:00:00Reported by Patrick Dean Ramos / Nathu Nandwani / Junnair ManlaType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 197 Views

ERPNext 12.29 XSS Vulnerability in 'My Settings' Pag

Related
Code
ReporterTitlePublishedViews
Family
0day.today		ERPNext 12.29 - Cross-Site Scripting Vulnerability
5 Apr 202300:00
zdt
ATTACKERKB		CVE-2022-28598
22 Aug 202217:15
attackerkb
Circl		CVE-2022-28598
22 Aug 202220:20
circl
CNNVD		ERPNext 跨站脚本漏洞
22 Aug 202200:00
cnnvd
CVE		CVE-2022-28598
22 Aug 202200:00
cve
Cvelist		CVE-2022-28598
22 Aug 202200:00
cvelist
EUVD		EUVD-2022-33040
22 Aug 202200:00
euvd
NVD		CVE-2022-28598
22 Aug 202217:15
nvd
OSV		CVE-2022-28598
22 Aug 202217:15
osv
Packet Storm		ERPNext 12.29 Cross Site Scripting
6 Apr 202300:00
packetstorm
Rows per page
# Exploit Title: ERPNext 12.29 - Cross-Site Scripting (XSS)
# Date: 7 Feb 2023 
# Exploit Author: Patrick Dean Ramos / Nathu Nandwani / Junnair Manla
#Github - https://github.com/patrickdeanramos/CVE-2022-28598
# Vendor Homepage: https://erpnext.com/
# Version: 12.29
# CVE-2022-28598

Summary: Stored cross-site scripting (XSS) vulnerability was found in ERPNext 12.29 where the 
"last_known_version" field found in the "My Setting" page in ERPNext 
12.29.0 allows remote attackers to inject arbitrary web script or HTML via 
a crafted site name by doing an authenticated POST HTTP request to 
'/desk#Form/User/(Authenticated User)' and inject the script in the 
'last_known_version' field where we are able to view the script by 
clicking the 'pdf' view form.

This vulnerability is specifically the "last_known_version" field found 
under the 'My Settings' where we need to first save the my settings.

1. Login as any user
2. Under the ‘last_known_version’ field we are going to inject our 
malicious script.
3. To view our injected script we need to click the view pdf page, and as 
seen below we have successfully injected our script.

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Apr 2023 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 3.16.1
EPSS0.05888
cross-site scriptingstored xsserpnext 12.29my settings.
197