Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-1346: Multiple Stored XSS in organizr

Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user’s browser and it can lead to session hijacking, sensitive data exposure, and worse.

CVE
Open in Source
#xss#google#git#java

Description

The organizr application allows malicious javascript payload in multiple-input fields like "Categories", “Bookmark Tabs” and “Bookmark Categories” for which attacker can takeover the admin account.

Proof of Concept

1.Login to the co-admin account and go to go to “Settings” -> "Tab Editor".

2.Now in "Categories", “Bookmark Tabs” and “Bookmark Categories” Add options insert the below payloads:

      <img src=x onerror=alert(document.cookie)>

      <img src=x onerror=alert(document.domain)>

      <img src=x onerror=alert(document.location)>

3.Then login with the admin account and go to “Settings” -> “Tab Editor” and visit the "Categories", “Bookmark Tabs” and “Bookmark Categories” and you will see XSS will trigger in all those fields.

PoC Video

https://drive.google.com/file/d/1n9FvXxzzmvtZc4VsdzOHl0oPxSnSDpMy/view?usp=sharing

Impact

This allows attackers to execute malicious scripts in the user’s browser and it can lead to session hijacking, sensitive data exposure, and worse.

Related news

CVE-2022-1345: Stored XSS viva .svg file upload in organizr

Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.

CVE-2022-1347: added sanitizeUserString and sanitizeEmail functions · causefx/Organizr@a09d834

Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation

CVE-2022-1344: Stored XSS due to no sanitization in the filename in organizr

Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.

CVE-2022-26144: 0029688: CVE-2022-26144: XSS in manage_plugin_page.php and manage_plugin_uninstall.php

An XSS issue was discovered in MantisBT before 2.25.3. Improper escaping of a Plugin name allows execution of arbitrary code (if CSP allows it) in manage_plugin_page.php and manage_plugin_uninstall.php when a crafted plugin is installed.

CVE-2022-1339: SQL injection in ElementController.php in pimcore

SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE