ImthehackerlorH1:733051OWOX, Inc.: The URL in "Choose a data source'' at "https://bi.owox.com/ui/settings/connected-services/setup/" is not filtered => reflected XSS.
Hi team,
This is another report with #732987. Because it is completely independent
Detail
In the process of selecting the data source at https://bi.owox.com/ui/settings/connected-services/setup/, I found a reflected XSS.
Specifically, when you click on Google Analytics, a page will appear for you to enter Gmail. After completing the steps, an error link will appear during the redirect (Screenshot)
{F630196}
Vulnerable area:
Tested browser
Firefox
Chrome
PoC
- Note: I have shortened the URL to facilitate testing.
1, go to https://bi.owox.com/ui/callbacks/google-supervisors/analytics<img src=xss onerror=prompt(1)>/?state=d159b8264eef78b11afdd016531b128c
2, Log in and XSS will execute
{F630190}
Impact
>This vulnerability is aimed at all victims. Just paste this URL and login, XSS will automatically execute.
Therefore, it will have a high impact, because before XSS is executed, the application will ask the user to login.
- The attacker can execute JS code.
>Documents related to Impact
https://portswigger.net/web-security/cross-site-scripting/reflected
https://portswigger.net/web-security/cross-site-scripting/exploiting
Best regards,
@dat