Description
Ticket management filter in Trudesk v1.2.0 allow user to perform XSS due to improper validation on filter attribute such as “status”, “ticket type”, “assignee” and etc.
Proof of Concept
- Login to Trudesk with role user privilege
- Tickets -> Filter ticket
- Filter for ticket status (poc on attribute status)
- Insert payload in the filter result
Endpoint
- http://{IP}/tickets/filter/
Payload used
- "><img src>
Screenshot POC
- ticket filter
- xss domain
- xss cookie