Taskhub 2.8.8 Cross Site Scripting

2023.09.24
Credit: nu11secur1ty
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

## Title: TASKHUB-2.8.8-XSS-Reflected ## Author: nu11secur1ty ## Date: 09/22/2023 ## Vendor: https://codecanyon.net/user/infinitietech ## Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 ## Reference: https://portswigger.net/web-security/cross-site-scripting ## Description: The value of the JSON parameter within the project parameter is copied into the HTML document as plain text between tags. The payload vn5mr<img src=a onerror=alert(1)>i62kl was submitted in the JSON parameter within the project parameter. This input was echoed unmodified in the application's response. The already authenticated (by using a USER ACCOUNT)attacker can get a CSRF token and cookie session it depends on the scenarios. STATUS: HIGH Vulnerability [+]Test exploit: ``` surw7%3Cscript%3Ealert(1)%3C%2fscript%3E ``` ## Reproduce: [href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/infinitietech/TASKHUB-2.8.8) ## Proof and Exploit: [href](https://www.nu11secur1ty.com/2023/09/taskhub-288-xss-reflected.html) ## Time spent: 01:10:00


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2023, cxsecurity.com

 

Back to Top