Grabtaxi Holdings Pte Ltd: [] DOM XSS at /assets/bower_components/lodash/perf/

ID H1:248560
Type hackerone
Reporter imbecile
Modified 2017-08-16T14:01:13


Summary: DOM Based XSS (or as it is called in some texts, “type-0 XSS”) is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client side script, so that the client side code runs in an “unexpected” manner (Source)

Description: It was observed on this endpoint that the values given in the build and other GET parameters are read by client-side script and written to the page using document.write without output encoding, resulting in DOM XSS.

Vulnerable client-side code in page: {F202292}

This traces back to the script source: in the switch, the default value is set to build, which is the same as what the user injected in the parameter. (Script link: {F202294})

Browsers Verified In:

  • Mozilla Firefox (Latest)

Steps To Reproduce:

Open any of below links in Mozilla Firefox and observe the script execution.

Injected in build GET parameter: >

Injected in other GET parameter: >

Supporting Material/References:

Execution Screenshot: {F202293}
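
The pattern from the Description (a switch whose default passes the build value through to document.write) next to an allowlisted replacement, as an added example that is not the code from the report's attachments. The build names, file paths and function names are assumptions chosen for illustration.

```javascript
'use strict';
// Added example. Build names, file paths and function names are assumptions.

// Fixed allowlists: parameter value -> script path the page may load.
const ALLOWED = {
  build: new Map([['lodash', '../lodash.js'], ['lodash-min', '../dist/lodash.min.js']]),
  other: new Map([['underscore', '../vendor/underscore/underscore.js']]),
};
const FALLBACK = { build: 'lodash', other: 'underscore' };

// Pattern from the report: the switch default returns the raw parameter,
// and the result is concatenated into markup meant for document.write.
function scriptTagUnsafe(search) {
  const build = new URLSearchParams(search).get('build');
  let path;
  switch (build) {
    case null: path = '../lodash.js'; break;
    case 'lodash-min': path = '../dist/lodash.min.js'; break;
    default: path = build; // user-controlled value used verbatim
  }
  return '<script src="' + path + '"><\/script>';
}

// Hardened lookup: unknown or missing values map to a fixed default,
// so no request-supplied string ever reaches the DOM.
function resolveParam(search, name) {
  const value = new URLSearchParams(search).get(name);
  const table = ALLOWED[name];
  return table.get(value) || table.get(FALLBACK[name]);
}

// Build the element through DOM APIs instead of document.write.
function loadScript(doc, search, name) {
  const el = doc.createElement('script');
  el.src = resolveParam(search, name);
  doc.head.appendChild(el);
  return el;
}

// Constructed input: a value containing a quote and inert markup.
const SAMPLE = '?build=' + encodeURIComponent('x"><b>injected</b>');
```

In the browser, call loadScript(document, location.search, 'build'). Performance and test pages under bower_components are also better left out of production deployments entirely.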