Description

Ticket management filter in Trudesk v1.2.0 allow user to perform XSS due to improper validation on filter attribute such as “status”, “ticket type”, “assignee” and etc.

Proof of Concept

1. Login to Trudesk with role user privilege
2. Tickets -> Filter ticket
3. Filter for ticket status (poc on attribute status)
4. Insert payload in the filter result

Endpoint

1. http://{IP}/tickets/filter/

Payload used

1. "><img src>

Screenshot POC

1. ticket filter
2. xss domain
3. xss cookie