Financials By Coda Cross Site Scripting
2024-3-16 21:3:55 Author: cxsecurity.com(查看原文) 阅读量:9 收藏

# Vulnerability type: Cross-site Scripting # Vendor: https://www.unit4.com/ # Product: Financials by Coda # Product site: https://www.unit4.com/fr/products/financial-management-software # Affected version: < 2023Q4 # Fixed version: 2023Q4 # Credit: Léo DRAGHI # CVE: CVE-2024-28734 # PROOF OF CONCEPT The /coda/frameset endpoint, accessible by any unauthenticated user, reflects the value of the cols parameter. Since this value is not properly sanitized and encoded when the web page is rendered, this could allow a malicious actor to execute JavaScript code in the context of another user's browser by only sending to a victim a malicious link. GET /coda/frameset?cols="><frame%20src="javascript:alert('XSS')"> HTTP/2 Host: <target> # TIMELINE – 30/10/2023: Vulnerability found – 02/11/2023: Vendor informed – 05/12/2023: Vendor fixed the issue – 14/03/2024: Public disclosure



 

Thanks for you comment!
Your message is in quarantine 48 hours.


文章来源: https://cxsecurity.com/issue/WLB-2024030035
如有侵权请联系:admin#unsafe.sh