huntr report 32EA4DDB-5B41-4BF9-B5A1-EF455FE2D293 (r0hansh)
History: Feb 19, 2022 - 1:06 p.m.

Cross-site Scripting (XSS) - Stored

2022-02-19 13:06:22
r0hansh
www.huntr.dev

EPSS 0.001 (Low), percentile 21.6%

Description

Stored XSS is a vulnerability in which the attacker can execute arbitrary JavaScript code in the victim's browser. The XSS payload is stored in a web page and is executed whenever someone visits that page.

I used &#10 (the Line Feed character) in the href attribute of an <a> tag to bypass the XSS checks for invalid_protocols (e.g. javascript:) happening in the application.

Proof of Concept

STEP 1: A low-privileged user creates a page with the following payload:

<a href>CLICK HERE TO EXPLOIT THIS XSS</a>

STEP 2: The victim visits the page and clicks on CLICK HERE TO EXPLOIT THIS XSS.

The XSS alert will show the domain name.
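The root cause described above is a scheme filter that compares the raw attribute value against a blocklist, while the browser first decodes HTML character references and then strips ASCII tab and newline before it reads the scheme. The following is an added example written for this page, not code from the report or from the affected application: weakHrefCheck is a hypothetical filter of the kind the report describes, safeHref is a hardened check that decodes numeric entities and then asks the WHATWG URL parser (Node's URL class) for the resulting scheme against an allowlist, and the sample hrefs, including the placement of the &#10 reference, are constructed for the demonstration since the report does not state where the line feed was inserted.

```javascript
// Added example (not from the original report): why a raw prefix check on href
// fails against encoded control characters, and a check that does not.

// Decode numeric character references (&#10; &#x0a; with or without the ";")
// the way an HTML attribute value is decoded before the href reaches the URL
// parser. Only numeric references are handled here; a production sanitizer
// should run a complete HTML decoder instead.
function decodeNumericEntities(value) {
  return value.replace(/&#(x[0-9a-f]+|\d+);?/gi, (match, code) => {
    const cp = code[0].toLowerCase() === 'x'
      ? parseInt(code.slice(1), 16)
      : parseInt(code, 10);
    return Number.isFinite(cp) && cp <= 0x10ffff ? String.fromCodePoint(cp) : match;
  });
}

const BLOCKED_PREFIXES = ['javascript:', 'data:', 'vbscript:'];

// Hypothetical weak filter: a blocklist prefix comparison on the raw attribute
// string. It never sees the decoded line feed, so an encoded control character
// anywhere before or inside the scheme defeats it.
function weakHrefCheck(rawHref) {
  const lower = rawHref.trim().toLowerCase();
  return !BLOCKED_PREFIXES.some((p) => lower.startsWith(p));
}

// Hardened check: decode entities, then let the WHATWG URL parser normalise the
// value. The parser strips ASCII tab/newline and trims leading C0 controls, just
// as a browser does, so the scheme it reports is the one that would execute.
// Compare that scheme against an allowlist rather than a blocklist.
const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'mailto:']);

function safeHref(rawHref, pageBase = 'https://example.invalid/') {
  const decoded = decodeNumericEntities(rawHref);
  let url;
  try {
    url = new URL(decoded, pageBase); // relative hrefs resolve against the page base
  } catch {
    return false; // unparsable value: reject
  }
  return ALLOWED_SCHEMES.has(url.protocol);
}

// Constructed sample hrefs for the comparison (not taken from the report).
const SAMPLE_HREFS = [
  'https://example.invalid/page',
  '/relative/path',
  'mailto:someone@example.invalid',
  'javascript:alert(document.domain)',
  'java&#10;script:alert(document.domain)',
  '&#10;javascript:alert(document.domain)',
  '&#x09;javascript:alert(document.domain)',
  'data:text/html,hello',
];

// Run both checks over the samples; returns one row per href.
function evaluateSamples() {
  return SAMPLE_HREFS.map((href) => ({
    href,
    weakAllows: weakHrefCheck(href),
    hardenedAllows: safeHref(href),
  }));
}

if (typeof require !== 'undefined' && require.main === module) {
  console.table(evaluateSamples());
}
```

The table makes the difference visible: the plain javascript: value is caught by both checks, but every entity-encoded variant passes the weak prefix check while the hardened check rejects all of them, because it judges the scheme the browser will actually see. The allowlist also means unexpected schemes fail closed instead of needing to be enumerated.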

Impact

An attacker can execute arbitrary JavaScript code in the victim's browser.
