[CVE-2022-34966] OSSN 6.3 LTS: HTML injection vulnerability in the location parameter

Vulnerability Explanation:

OpenTeknik LLC OSSN (Open Source Social Network) v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter.

Attack Vectors:

An attacker can send HTML code through any vulnerable form field to change the design of the website or any information displayed to the user, and the input is saved persistently on the site (e.g. in the database). As a result, users see the data sent by the attacker every time they load the vulnerable page.

Affected Component:

Payload:

<h1>PWNED</h1>

Tested on:

Steps to attack:

2. After logging in to the application, click the location button, as shown in the picture.

3. These fields are vulnerable to stored HTML injection, as shown below. Then click the post tab on the bottom line.

4. As can be seen from the following evidence, the content of the injection was correctly saved on the page and executed each time the analytical driver in question is searched or called up internally by the application.

Request:

Response:

Finally, we get the HTML injection on the Post page.

Bonus payload 😁

<marquee BODY ONSTART=alert('Grim-The-Ripper-Team-by-SOSECURE-Thailand')>=(◕_◕)=
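On the defensive side, this class of bug is closed by encoding the location value when it is written into the page. The sketch below is an added example, not OSSN's code or the project's fix: the function names and the `post-location` class are hypothetical, and the sample rows are constructed, apart from the two payloads quoted from this page.

```php
<?php
// Added example: hypothetical helpers, not OSSN's own code.

// Vulnerable pattern: the stored location string is concatenated into markup as-is,
// so the browser parses any tags it contains.
function render_location_unsafe(string $location): string
{
    return '<span class="post-location">' . $location . '</span>';
}

// Hardened pattern: encode on output so markup characters are displayed, not parsed.
// ENT_QUOTES also encodes single quotes, which matters if the value ever lands
// inside an attribute.
function render_location_safe(string $location): string
{
    $encoded = htmlspecialchars(
        $location,
        ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5,
        'UTF-8'
    );
    return '<span class="post-location">' . $encoded . '</span>';
}

// Audit helper: flag already-stored values that contain tags, so rows saved
// before the fix can be reviewed and cleaned up.
function location_contains_markup(string $location): bool
{
    return $location !== strip_tags($location);
}

// Constructed sample rows; the two payloads are the ones shown on this page.
$stored = [
    'Bangkok, Thailand',
    '<h1>PWNED</h1>',
    "<marquee BODY ONSTART=alert('Grim-The-Ripper-Team-by-SOSECURE-Thailand')>=(◕_◕)=",
];

foreach ($stored as $location) {
    printf("flagged: %s\n", location_contains_markup($location) ? 'yes' : 'no');
    printf("unsafe:  %s\n", render_location_unsafe($location));
    printf("safe:    %s\n\n", render_location_safe($location));
}
```

Encoding at output time also neutralises rows that were stored before the fix; the audit helper only identifies them for cleanup.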

GrimTheRipper