huntr / Rudloff / A0FD0671-F051-4D41-8928-9B19819084C9
Jul 02, 2023 - 7:14 p.m.

youtube service is vulnerable to XSS

2023-07-02 19:14:23
rudloff
www.huntr.dev
5
youtube
xss
vulnerability
attributes
bugbounty

EPSS: 0.001 (Low), percentile 19.5%

Description

If an attacker is able to insert a div with attributes on a page where the youtube service is enabled, they can craft a width attribute that would allow them to execute arbitrary JS on the page.

(Other attributes like theme or controls are also vulnerable to this.)

Proof of Concept

<!DOCTYPE html>
<html lang="en">
<head>
	<title>TAC XSS</title>
	<script src="tarteaucitron.js"></script>
	<script>
	(tarteaucitron.job = tarteaucitron.job || []).push('youtube');
	tarteaucitron.init({ readmoreLink: '/foo', orientation: 'bottom' });
	</script>
</head>
<body>
	<div></div>
</body>
</html>

The srcdoc attribute can also be used for this (and should probably not be allowed):

	<div></div>
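
As an added illustration (not code from tarteaucitron or from the original report), the sketch below contrasts concatenating div attributes into iframe markup with an allowlist-and-validate builder that never copies srcdoc. The function names, the `attrs` object and the accepted value formats are assumptions.

```javascript
// Added example; every name here is hypothetical, not tarteaucitron's API.
// `attrs` stands in for the attributes read from the placeholder div.

// Escape characters that can end an attribute value or open a tag.
function escapeAttr(value) {
  return String(value).replace(/&/g, '&amp;').replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

// Allowlist of attributes and the value format each may take (assumed formats).
// srcdoc is deliberately absent, so it is never copied to the iframe.
const ALLOWED = {
  videoID: /^[A-Za-z0-9_-]{1,20}$/,
  width: /^\d{1,4}%?$/,
  height: /^\d{1,4}%?$/,
  theme: /^(dark|light)$/,
  controls: /^[01]$/,
};

// Unsafe pattern (assumed for illustration): attribute text concatenated as-is.
function buildFrameNaive(attrs) {
  return '<iframe width="' + attrs.width +
    '" src="https://www.youtube.com/embed/' + attrs.videoID + '"></iframe>';
}

// Hardened: keep only allowlisted attributes whose value matches its format,
// then escape everything written into the markup anyway.
function buildFrameSafe(attrs) {
  const ok = {};
  for (const [name, pattern] of Object.entries(ALLOWED)) {
    const v = attrs[name];
    if (typeof v === 'string' && pattern.test(v)) ok[name] = v;
  }
  if (!ok.videoID) return ''; // nothing safe to embed
  const params = new URLSearchParams();
  for (const name of ['theme', 'controls']) if (ok[name]) params.set(name, ok[name]);
  const qs = params.toString();
  const src = 'https://www.youtube.com/embed/' + ok.videoID + (qs ? '?' + qs : '');
  return '<iframe' +
    (ok.width ? ' width="' + escapeAttr(ok.width) + '"' : '') +
    (ok.height ? ' height="' + escapeAttr(ok.height) + '"' : '') +
    ' src="' + escapeAttr(src) + '"></iframe>';
}

// Constructed input: the width value closes its quote and adds a marker attribute.
const sample = { videoID: 'abc123XYZ_-', width: '560" data-injected="1',
  theme: 'dark', controls: '1', srcdoc: '<p>constructed</p>' };
console.log(buildFrameNaive(sample)); // marker attribute appears in the markup
console.log(buildFrameSafe(sample));  // width and srcdoc are dropped
```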
