Details
-
Bug
-
Resolution: Fixed
-
Blocker
-
13.10.8, 14.4.3, 14.6
Description
SUBMISSION REFERENCES
- Submission code: XWIKI-C7Q0YDJQ
- Submission URL: https://www.intigriti.com/auth/dashboard?redirect=/submissions/e95a7ad5-7029-4627-abf0-3e3e3ea0b4ce/XWIKI-C7Q0YDJQ
RESEARCHER INFORMATION
- Submitter: rekter0
SUBMISSION INFORMATION
- Created at: Fri, 04 Nov 2022 04:27:54 GMT
- Submission status: Archived
REPORT CONTENT
- Severity: Medium (5.4)
- Domain: https://intigriti.xwiki.com/ (Url)
- Proof of concept: ### Summary
parts of URI reflected in body tag without proper check
-
-
- poc
-
to trigger alertbox with access to DOM click the following URI
```
https://intigriti.xwiki.com/xwiki/authenticate/wiki/xwiki%22onload=%22alert(origin)%22/resetpassword
```
- Impact: XSS results in unauthorized code being executed/rendered by a user's browser. As a result the following may occur:
Perform action within the application that the user can perform
untrusted code can modify the DOM environment and retrieve/modify various values
view any information that the user is able to view
initiate interactions with other application users including malicious attacks that will appear to originate from the initial victim user
- Personal data involved: No
- Endpoint: https://intigriti.xwiki.com/xwiki/authenticate/wiki/xwiki[]/resetpassword
- Type: Reflected Cross-Site Scripting
- Attachments: Screenshot_2022-11-04_05-24-12.png
Attachments
Issue Links
- is caused by
-
XWIKI-19591 Local users of subwikis can't recover password or username
- Closed