Dom XSS in module "Search IPv6" in librenms/librenms

Valid

Reported on

Sep 15th 2023


Description

1. Access the IPv6 search function.

2. Enter the payload in the IPv4 field to perform the search.

Payload :

  "><script>alert(document.cookie)</script>

3. Press the search button and the payload will be executed.
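The steps above describe the classic breakout: the search term is interpolated into page markup, so the leading `">` of the payload closes the surrounding attribute and tag and the `<script>` element becomes real HTML. The following is an added illustration, not LibreNMS code and not the commit that fixed this report: a hypothetical search-form renderer written the vulnerable way, the same renderer with HTML escaping, and (as an assumed extra layer) a syntactic allow-list for a field that should only ever hold an IPv6 address or prefix. It runs under Node without a DOM, so the "sink" is modelled as the HTML string that would be handed to `innerHTML`.

```javascript
// Added example (not LibreNMS's code). Shows why the reported payload
// executes when a search term is spliced into HTML, and two fixes.

// The payload from the report.
const PAYLOAD = '"><script>alert(document.cookie)</script>';

// Vulnerable pattern: the term is interpolated into an attribute value
// verbatim. The payload's leading "> closes the value and the <input>,
// so <script>...</script> lands in the markup as a real element.
function renderVulnerable(term) {
  return `<input type="text" name="search" value="${term}">` +
         `<div id="results"></div>`;
}

// Fix 1: escape the five HTML-significant characters before the term
// reaches the markup. Safe for attribute values and text nodes alike.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderSafe(term) {
  return `<input type="text" name="search" value="${escapeHtml(term)}">` +
         `<div id="results"></div>`;
}

// Fix 2 (defense in depth, an assumption for this example, not the
// project's fix): a search box for IPv6 addresses or prefixes only needs
// hex digits, ':', '.' (IPv4-mapped forms) and '/'. Reject anything else
// before it is rendered or queried. Max textual IPv6 + "/128" is 43 chars.
// This is a syntactic allow-list, not a full RFC 4291 address validator.
const IPV6_SEARCH = /^[0-9a-fA-F:.\/]{1,43}$/;
function isPlausibleIpv6Search(term) {
  return IPV6_SEARCH.test(term);
}

// Crude detector used to demonstrate the difference: does a <script>
// start tag appear as markup (as opposed to as escaped text)?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Stand-alone demonstration.
console.log('vulnerable renders <script>:', containsScriptTag(renderVulnerable(PAYLOAD)));
console.log('escaped renders <script>:   ', containsScriptTag(renderSafe(PAYLOAD)));
console.log('payload passes IPv6 allow-list:', isPlausibleIpv6Search(PAYLOAD));
console.log('2001:db8::/32 passes allow-list:', isPlausibleIpv6Search('2001:db8::/32'));
```

Escaping at the sink is the fix that matters; the allow-list only narrows the attack surface of this particular field and would not help for a search box that legitimately accepts free text (hostnames, descriptions).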

Proof of Concept

Link video Poc :

https://drive.google.com/file/d/1kgydW4sMb7N6h5A1ASJNsXNRV55zCbHh/view?usp=sharing

Impact

XSS can cause a variety of problems for the end user that range in severity from an annoyance to complete account compromise. The most severe XSS attacks involve disclosure of the user's session cookie, allowing an attacker to hijack the user's session and take over the account; the attacker can also execute arbitrary client-side scripts in the victim's browser.

We are processing your report and will contact the librenms team within 24 hours. 3 months ago
A GitHub Issue asking the maintainers to create a SECURITY.md exists 3 months ago
Tony Murray
3 months ago

Maintainer


You forgot to update your comment to IPv6 in your copy-pasta. Also, your Occurrences is bogus and not appreciated.

Tony Murray validated this vulnerability 3 months ago
Trunggg02 has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Trunggg02
3 months ago

Researcher


@Tony Murray Your IPv6 search function is currently not processing input. Maybe in the report I mistakenly wrote it as IPv4

Trunggg02
3 months ago

Researcher


@Maintainer Can you please specify a CVE for this vulnerability?

Trunggg02
3 months ago

Researcher


@Maintainer

Tony Murray marked this as fixed in 23.9.1 with commit 8fd8d9 3 months ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
Tony Murray published this vulnerability 3 months ago
s-deelo
3 months ago

This has been listed as a vulnerability with user interaction required, although it's a POST request. Without creating another web application to create the POST request, how do you actually expect this to work? And even at that, what would be the outcome?
