Code Injection in tsolucio/corebos

Valid

Reported on

Nov 6th 2021

Description

The user can control a point and infuse arbitrary HTML code into a vulnerable web page. This vulnerability can have numerous results, like disclosure of a user’s session treats that might be utilized to impersonate the victim, or, more generally, it can permit the aggressor to alter the page substance seen by the victims.

Proof of Concept

Go to::   http://demo.corebos.com/index.php?action=%3Ch%3EHTML-Injection%3C/h%3E%3Cp%3Ehello%3C/p%3E%3Cp%3Ehai%3C/p%3E%3Ch1%3ECONTENT%3C/h1%3E%3Ca%20href=https://evil.org%3EMalicious-Link%3C/a%3E&module=Home

// PoC.py (Content Injection Length)

import webbrowser

payload = "| 7h3h4ckv157 |" * 354
url = "http://demo.corebos.com/index.php?action=" + payload + "&module=Home"

webbrowser.open(url)

Impact

HTML Injection: Malicious URL + Content

An injection permits the attacker to send a malicious HTML page to a victim. The targeted browser will not be able to recognize genuine parts from malicious parts of the page, and subsequently will parse and execute the entire page within the victim’s context. Attacker is able to control an input point and is able to inject subjective HTML code into a vulnerable web page.

We are processing your report and will contact the tsolucio/corebos team within 24 hours. 2 years ago

Joe Bordes validated this vulnerability 2 years ago

7h3h4ckv157 has been awarded the disclosure bounty

The fix bounty is now up for grabs

Joe Bordes marked this as fixed with commit ba92bb 2 years ago

Joe Bordes has been awarded the fix bounty

This vulnerability will not receive a CVE

to join this conversation