Lucene search
RezadutyBFD935F4-2D1D-4D3F-8B59-522ABE7DD065HistoryDec 14, 2022 - 5:01 a.m.
XSS in Integration URL
2022-12-1405:01:06
rezaduty
www.huntr.dev
14
xss vulnerability
integration url
javascript execution
bug bounty
EPSS
0.001
Percentile
25.3%
Description
XSS vulnerability in integration URL that could execute javascript when clicking on the URL
Proof of Concept
- navigate to the panel dashboard
- add or edit integration and insert the URL of integration with this payload
javascript:alert(1)
POC:
https://drive.google.com/file/d/1jK0eBsnhCEhhuun8Xu7uKb1tCjuKnPEi/view?usp=sharing
https://drive.google.com/file/d/1c80JrArTMKGeKUW13Ny34OgZht8HSAnR/view?usp=sharing
Related
prion
prion
Cross site scripting
2023-01-01 01:15:00
osv
osv
CVE-2023-0028
2023-01-01 01:15:12
cve
cve
CVE-2023-0028
2023-01-01 01:15:12
cvelist
cvelist
CVE-2023-0028 Cross-site Scripting (XSS) - Stored in linagora/twake
2023-01-01 00:00:00
nvd
nvd
CVE-2023-0028
2023-01-01 01:15:12