Espo CRM Cross Site Scripting

2014-08-10T00:00:00
ID PACKETSTORM:127827
Type packetstorm
Reporter Ankit Bharathan
Modified 2014-08-10T00:00:00

Description

# Affected software: http://www.espocrm.com/demo/
# Discovered by: Ankit Bharathan
# Website: ankitbharathan.blogspot.com
# Type of vulnerability: Stored XSS
# Description:
# A web application that allows you to see, enter and evaluate all
# your company relationships regardless of the type. People, companies,
# projects or opportunities -- all in an easy and intuitive interface.
#
# Description: EspoCRM is vulnerable to a persistent cross-site scripting
# attack that allows a malicious user to inject JavaScript that can
# access any cookies, session tokens, or other
# sensitive information retained by your browser.
# Proof of concept:
# 1. Create a new account (http://127.0.0.1/espocrm/#Account)
# 2. Complete the field Name using this value:
"><svg onload="prompt(/xss/);"><!--
# 3. Save changes.
# 4. boom :)
# Screenshot: http://prntscr.com/4aiqae
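
Added example (not part of the original advisory and not EspoCRM code): the Name value from step 2 passed through a hypothetical template with and without output encoding. The function names and the <a> markup are assumptions; the advisory does not say where the field is rendered.

```javascript
// Hypothetical rendering helpers for illustration; not taken from EspoCRM.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
};

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Weak pattern: the stored value is concatenated into an attribute and into
// element text unchanged, so quotes and angle brackets in it become markup.
function renderAccountUnsafe(name) {
  return '<a class="account" title="' + name + '">' + name + '</a>';
}

// Hardened pattern: encode at output time, once per render. The stored value
// stays untouched in the database, so other output contexts can encode it
// in their own way.
function renderAccountSafe(name) {
  const safe = escapeHtml(name);
  return '<a class="account" title="' + safe + '">' + safe + '</a>';
}

// Crude regression check for this demo (not a sanitizer): count element
// start tags in the rendered markup. The template itself contributes one.
function countTags(html) {
  return (html.match(/<[a-zA-Z][^>]*>/g) || []).length;
}

// Value from step 2 of the proof of concept above.
const storedName = '"><svg onload="prompt(/xss/);"><!--';

console.log('unsafe start tags:', countTags(renderAccountUnsafe(storedName)));
console.log('safe start tags:  ', countTags(renderAccountSafe(storedName)));
console.log(renderAccountSafe(storedName));
```
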