WORKSUITE - Project Management System v2.4.7 Stored XSS Injection

2019.04.27
ru QUIXSS (RU) ru
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

[*] :: Title: WORKSUITE - Project Management System v2.4.7 Stored XSS Injection [*] :: Author: QUIXSS [*] :: Date: 2019-04-27 [*] :: Software: WORKSUITE - Project Management System v2.4.7 [?] :: Technical Details & Description: # Weak security measures like bad input fields data filtering has been discovered in the «WORKSUITE - Project Management System». Current version of this web-application is 2.4.7. [?] :: Demo Website: # https://codecanyon.net/item/worksuite-project-management-system/20052522 # Backend: https://demo.worksuite.biz/login # Login/Password (admin): admin@example.com/123456 [!] :: Special Note: # Author of this web-application was warned about bad security measures. Nothing has changed. [!] :: For developers: # Disabling any data changes on a demo websites doesn't make your applications more secure. It's good for business and sales but you are simply double-crossing your clients. [+] :: PoC [Stored XSS Injection]: # Authorize on the demo website for tests, then go to any page with a text field, f.e. https://demo.worksuite.biz/admin/task/all-tasks/54/edit # On the «Title» input field use payload like <img src="x" onerror="alert('QUIXSS')">, save the data and then you'll see that XSS filter is not triggered and your payload is successfully injected. # Almost each input field is vulnerable for Stored XSS Injection. # Sample payload: <img src="x" onerror="alert('QUIXSS')">

References:

https://codecanyon.net/item/worksuite-project-management-system/20052522


See this note in RAW Version
Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top