Lucene search
Shivansh-khariC9D7374F-2CB9-4BAC-9C90-A965942F413EHistoryDec 30, 2021 - 4:29 p.m.
Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
2021-12-3016:29:15
shivansh-khari
www.huntr.dev
8
0.001 Low
EPSS
Percentile
41.7%
Description
On Login Page, There Is A “from=” parameter in URL which is vulnerable to open redirect and which can be escalated to reflected XSS.
Proof of Concept
- Install Keystone 6 On Your System.
- Go To http://localhost:3000/signin?from=http://evil.com And Login And You’ll Be Redirected To evil.com.
- Go To http://localhost:3000/signin?from=javascript:alert(document.domain) And Login And After Login, You’ll See Two Reflected XSS Pop Ups.
Impact
This vulnerability is capable of making users to redirect to any malicious website using open redirect and reflected XSS can help the attacker to fetch cookies and also for phishing.
Related
cve
cve
CVE-2022-0087
2022-01-12 00:15:10
github
github
Reflected cross-site scripting (XSS) vulnerability
2022-01-12 21:55:40
veracode
veracode
Cross-site Scripting (XSS)
2022-01-13 07:05:06
cvelist
cvelist
CVE-2022-0087 Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
2022-01-11 23:20:11
nuclei
nuclei
Keystone 6 Login Page - Open Redirect and Cross-Site Scripting
2023-11-06 10:22:24
cnvd
cnvd
keystone cross-site scripting vulnerability
2022-01-12 00:00:00
osv
osv
CVE-2022-0087
2022-01-12 00:15:10
Reflected cross-site scripting (XSS) vulnerability
2022-01-12 21:55:40
prion
prion
Cross site scripting
2022-01-12 00:15:00
nvd
nvd
CVE-2022-0087
2022-01-12 00:15:10