Square: XSS on bookfresh

2014-09-03T21:18:35
ID H1:26857
Type hackerone
Reporter mikkz
Modified 2015-02-23T03:35:09

Description

Hi,

Xss is triggered on https://www.bookfresh.com/cindex.php/profile/edit/cs/staff_member

Payload:

%22onmouseover%3Dprompt%281%29%20mik%22

Steps to reproduce

Create a new staff and put our payload on the name of the staff. Refresh the page

Edit the staff and mouseover to the name of the staff and the javascript will execute.

Regards, Mikko