CVE-2023-24744: CVEs/Rediker - XSS (Reflected & DOM-based).md at main · HeidiSecurities/CVEs

Cross Site Scripting (XSS) vulnerability in Rediker Software AdminPlus 6.1.91.00 allows remote attackers to run arbitrary code via the onload function within the application DOM.


CVE-2023-24744

Author: Charles Heidbreder
Software: Rediker Software AdminPlus
Image Version: 6.191.00
Patch Level: n/a
Vulnerability: DOM Based XSS & Reflected XSS

Description: The Rediker Software AdminPlus application is vulnerable to both DOM-based XSS and reflected XSS. In a DOM-based XSS attack, the attacker's payload is delivered to the host and, when handled by the application's original client-side script, modifies the DOM environment in the victim's browser so that the client-side code runs in an unexpected way. The issue was found by manually reviewing Burp Suite requests, running the tested parameters through the XSS finder tool Dalfox (https://github.com/hahwul/dalfox), and then inspecting the DOM of the affected host to confirm the application's behaviour.

Impact: An attacker can insert malicious code into the application DOM, and that code can be executed, causing the application to run client-side code unexpectedly. For testing purposes, the impact was demonstrated with a payload consisting of a basic alert called from the "onload" JavaScript function, visible in the DOM inspector. After the payload was sent, the tester could see in the DOM itself the break out of the "value" HTML attribute followed by the JavaScript function. Additionally, an attacker could place a reflected XSS payload in the search parameter and pull information from the website via the reflected payload.

Recommendation: To prevent XSS, you must sanitize all untrusted data, even if it is only used in client-side scripts. If you must use user input on your page, always use it in a text context, never as HTML tags or any other potential code. If you can, avoid using user input entirely, especially where it affects DOM elements.
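
The pattern behind the advisory, a search parameter echoed into an HTML "value" attribute, shown as a vulnerable renderer beside a hardened one. This is an added example, not code from the advisory or from Rediker AdminPlus; the function names and the probe string are this example's own, and markup is built as strings so it runs under Node without a browser DOM.

```javascript
// Added example, not code from the advisory or from Rediker AdminPlus.
// It rebuilds the pattern the advisory describes: a search parameter echoed
// into an HTML "value" attribute. Markup is built as strings so the example
// runs under Node without a DOM; all function names are this example's own.

// VULNERABLE: the raw parameter is concatenated into the tag. A double quote
// in the input closes the value attribute, and whatever follows becomes new
// attributes (an onload/onfocus handler, for instance). This is the "break
// of the value" the advisory saw in the DOM inspector.
function renderSearchBoxUnsafe(query) {
  return '<input type="text" name="search" value="' + query + '">';
}

// Encode for the HTML attribute context: every character that can end an
// attribute value, start a tag or start an entity becomes an entity.
function escapeAttr(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;');
}

// HARDENED: same markup, but the parameter is encoded for the context it
// lands in. In a live page the equivalent is to avoid building markup at
// all and assign the string through the DOM API (input.value = query).
function renderSearchBoxSafe(query) {
  return '<input type="text" name="search" value="' + escapeAttr(query) + '">';
}

// Defender-side check: list the attribute names a browser would see on the
// tag (double-quoted values only, which is all this example emits). Any
// name beyond type/name/value means the input escaped its attribute.
function attributeNames(tag) {
  const names = [];
  const re = /\s([A-Za-z][\w-]*)="[^"]*"/g;
  for (let m = re.exec(tag); m !== null; m = re.exec(tag)) names.push(m[1]);
  return names;
}

// Constructed probe: closes the attribute and adds a harmless marker
// attribute, enough to show the boundary break without a script payload.
const probe = 'grades" data-injected="yes';

console.log(attributeNames(renderSearchBoxUnsafe(probe))); // 4 names, one injected
console.log(attributeNames(renderSearchBoxSafe(probe)));   // the 3 intended names
```

The same check can be pointed at a captured response body to confirm a fix: once the parameter is attribute-encoded, no attribute name beyond the intended ones should ever appear.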

Reproduction steps:

Below is the reproduction of the reflected XSS.
