Posted by Nicolas Malin (Jira) on Dec 19, 2020; 4:55pm
URL: http://ofbiz.116.s1.nabble.com/jira-Created-OFBIZ-12096-Post-auth-XSS-vulnerability-at-catalog-control-EditProductPromo-tp4762904.html

Jacques Le Roux created OFBIZ-12096:
---------------------------------------

             Summary: Post-auth XSS vulnerability at catalog/control/EditProductPromo
                 Key: OFBIZ-12096
                 URL: https://issues.apache.org/jira/browse/OFBIZ-12096
             Project: OFBiz
          Issue Type: Sub-task
          Components: product/catalog
    Affects Versions: Trunk
            Reporter: Jacques Le Roux
            Assignee: Jacques Le Roux


This vulnerability was reported by 牛治 <[hidden email]>:

Locations:
* catalog/control/EditProductPromo
* catalog/control/EditProductPromoCode

Description: the Promo Name and Promo Text input boxes on the EditProductPromo page have not a valid verification and result in an XSS attack.                                

Poc: Encode the characters of "<script>alert('poruin')</script>", and the poc after encoding is as follows "\x3C\x73\x63\x72\x69\x70\x74\x3E\x61\x6C\x65\x72\x74\x28\x27\x70\x6F\x72\x75\x69\x6E\x27\x29\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E"



--
This message was sent by Atlassian Jira
(v8.3.4#803005)