huntr | Ahmedvienna | D9375178-2F23-4F5D-88BD-BBA3D6BA7CC5
History: Jan 24, 2023 - 12:01 a.m.

stored HTML-Injection in the FAQ-Proposal

2023-01-24 00:01:07
ahmedvienna
www.huntr.dev
penetration test
stored html-injection
faq-proposal
vulnerability
administrator verification
javascript code
phishing
malware download
exploitation steps
bug bounty

EPSS: 0.001 Low, Percentile: 45.1%

Dear Ladies and Gentlemen,
First of all, thank you for your time and effort in reading my Report.
While doing the Penetration Test, my Brother Josef Hassan ([email protected]) and I were able to identify another stored HTML-Injection Vulnerability in the FAQ-Proposal Form.
The Process of the Vulnerability:

  1. Login
  2. Go to https://roy.demo.phpmyfaq.de/index.php?sid=61&lang=de&action=add&cat=0
  3. Any User will be able to submit questions that need to be verified by the Administrator.
  4. As soon as the Administrator reviews the Question and accepts it, the HTML Code will work after refreshment.
  5. The User can submit HTML code and it will run as Code.
  6. Type any kind of JavaScript Code like <h1>1</h1>

The Attacker can inject HTML Code and do further malicious things like Phishing, Malware Download, redirecting to malicious Sites etc.
Through this, any Attacker can inject HTML Code and use further Vulnerabilities to use other Exploitation Steps.
Finally, I want to thank you for your time and effort, and hope to hear from you soon.

Best regards
Ahmed Hassan & Josef Hassan
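
The rendering step that steps 4 to 6 of the report depend on, shown as an added example that is not part of the original report and is not phpMyFAQ's own code: the stored question printed as-is beside the same question encoded at output time. The `Proposal` class and the function names are hypothetical, and the queue contents are constructed sample data.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the proposal queue; not phpMyFAQ's data model.
final class Proposal
{
    public function __construct(
        public string $question,
        public bool $approved = false,
    ) {}
}

// Before: the stored question is concatenated into the page as-is, so markup
// in it is parsed by the browser once the administrator approves the entry.
function renderUnsafe(Proposal $p): string
{
    return '<li class="faq-question">' . $p->question . '</li>';
}

// After: encode at output time for the HTML body context. ENT_QUOTES also
// covers attribute values; ENT_SUBSTITUTE avoids empty output on bad UTF-8.
function renderSafe(Proposal $p): string
{
    $text = htmlspecialchars($p->question, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<li class="faq-question">' . $text . '</li>';
}

// Review aid: tell the administrator that a pending entry contains markup.
function containsMarkup(string $s): bool
{
    return $s !== strip_tags($s);
}

$queue = [
    new Proposal('How do I reset my password?'), // constructed sample
    new Proposal('<h1>1</h1>'),                  // input from step 6 of the report
];

foreach ($queue as $p) {
    $flag = containsMarkup($p->question) ? 'contains markup' : 'plain text';
    $p->approved = true;                         // administrator accepts the entry
    printf("[%s]\n  unsafe: %s\n  safe:   %s\n", $flag, renderUnsafe($p), renderSafe($p));
}
```

The same encoding has to be applied in the administrator's review view as well as on the public page, since both print the stored value.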
