ID | Status | Summary | Opened by
--- | --- | --- | ---
2 | Closed | XSS Vulnerability in [admin.alwaysdata.com] Support Ticket System | Redhet

Task Description

XSS Vulnerability in [admin.alwaysdata.com] Support Ticket System

Vulnerability Report

Dear Team,

I'm writing to report a critical Reflected Cross-Site Scripting (XSS) vulnerability discovered in your [admin.alwaysdata.com] application. This vulnerability allows attackers to inject malicious JavaScript into the application, potentially compromising user accounts and sensitive data.

PoC: By sending a specially crafted request containing the payload redhet"'><script>prompt(document.domain)</script> through the add_participants parameter in the support ticket creation form, we can trigger the XSS vulnerability and execute arbitrary JavaScript in the victim's browser.

Summary:

A reflected XSS vulnerability has been identified in the "add_participants" parameter of the support ticket creation form on admin.alwaysdata.com. This vulnerability allows attackers to inject malicious JavaScript code that will be executed in the victim's browser when they view a vulnerable page.

Vulnerability Details:

Type: Reflected XSS (OWASP A4)

Exploit: Injecting malicious JavaScript through a vulnerable request parameter

Vulnerable URL: https://admin.alwaysdata.com/support/add/

Vulnerable Request: POST /support/add/

Vulnerable Endpoints: The add_participants parameter in the support ticket creation form

Payload: redhet"'><script>prompt(document.domain)</script>

This parameter is used to add participants to a support ticket, but it is not properly sanitized, allowing attackers to inject arbitrary code that will be executed in the browser of any user who views the vulnerable ticket.

## Impact Assessment

1. Information Disclosure: The attacker can steal sensitive user information, such as cookies or session IDs, by executing malicious JavaScript within the victim's browser.

2. Account Takeover: The attacker could potentially hijack user accounts by tricking them into executing malicious code that grants unauthorized access.

3. Defacement: The attacker could manipulate the content displayed on the application by injecting malicious JavaScript that alters the user interface.

## Recommendations

1. Immediately sanitize all user input: Implement strict input validation and sanitization procedures to prevent the injection of malicious code. This includes escaping special characters and enforcing a Content Security Policy (CSP).

2. Patch vulnerable software: Update all relevant software to the latest versions to address known vulnerabilities.

3. Consider additional security measures: Implement a web application firewall (WAF) to further protect against XSS attacks.

4. Regularly scan for vulnerabilities: Conduct regular penetration testing and vulnerability scans to identify and address potential security issues.
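To make recommendation 1 concrete, here is an added illustration (not code from the report or from alwaysdata) of the difference between reflecting the add_participants value unchanged and rendering it with contextual output encoding. It uses the payload quoted in the report as constructed sample input and assumes, as a hypothetical allow-list rule, that participants are comma-separated e-mail addresses.

```python
import html
import re
from html.parser import HTMLParser

# Constructed sample input: the payload quoted in the report.
PAYLOAD = 'redhet"\'><script>prompt(document.domain)</script>'

# Vulnerable behaviour: the submitted value is reflected into the form
# unchanged, so the quote and '>' in the payload terminate the attribute
# and the <script> element becomes live markup in the victim's browser.
def render_participants_vulnerable(value: str) -> str:
    return f'<input name="add_participants" value="{value}">'

# Hardened behaviour: contextual output encoding. html.escape with
# quote=True turns & < > " ' into entities, so the value can neither
# close the attribute nor start a new element.
def render_participants_safe(value: str) -> str:
    escaped = html.escape(value, quote=True)
    return f'<input name="add_participants" value="{escaped}">'

class _ScriptDetector(HTMLParser):
    """Records whether the parsed markup contains a real <script> element."""
    def __init__(self) -> None:
        super().__init__()
        self.script_seen = False

    def handle_starttag(self, tag, attrs) -> None:
        if tag == "script":
            self.script_seen = True

def contains_script_element(markup: str) -> bool:
    """True if an HTML parser sees a <script> element in this markup."""
    detector = _ScriptDetector()
    detector.feed(markup)
    return detector.script_seen

# Assumed validation rule (not stated in the report): the field holds
# comma-separated e-mail addresses, so anything else is rejected before
# rendering. Validation complements escaping; it does not replace it.
_EMAIL = re.compile(r"^[^@\s<>\"']+@[^@\s<>\"']+\.[^@\s<>\"']+$")

def validate_participants(raw: str) -> list[str]:
    """Return the accepted addresses; raise ValueError on any invalid entry."""
    entries = [e.strip() for e in raw.split(",") if e.strip()]
    bad = [e for e in entries if not _EMAIL.match(e)]
    if bad:
        raise ValueError(f"invalid participant(s): {bad}")
    return entries
```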

Impact:

Execution of arbitrary JavaScript code in the victim's browser
Potential for session hijacking, credential theft, or other attacks

## Steps to Reproduce

1. Access the support ticket creation form at https://admin.alwaysdata.com/support/add/

2. Enter the following payload in the "add_participants" field: redhet"'><script>prompt(document.domain)</script>

3. Submit the form.

4. Observe that the JavaScript code is executed, displaying a prompt with the domain name. (cookies)

Attachments
PoC Video: [Link to video demonstrating the vulnerability]

## References

- [OWASP XSS Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)

- [OWASP XSS Testing Guide](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/01-Testing_for_Reflected_Cross_Site_Scripting)

I hope you will give me a good answer!!

If you have any questions, feel free to ask them ;)

Thank You,

Regards,
Redhet
