Cross-site Scripting (XSS) - Stored in utmsigep/member-directory
May 15th 2021
Donor creation is vulnerable to stored XSS originating from donor creation due to missing sanitization on user input.
🕵️♂️ Proof of Concept
- Select a member-status/group - Create Member
- Enter an XSS payload into the
directory notesfield, eg.
<img src=x onerror="alert('dir notes')" />
- Hit save. Upon refreshing/navigating away and back to the page, the XSS payload stored in directory notes will execute.
Cross-site Scripting (XSS) is an attack vector that allows arbitrary code execution on a vulnerable page, which may lead to more severe impact such as session theft, data theft, phishing and malicious/unintended processing on the client-side. Stored XSS is a persistent vector and can deliver higher impact than reflected payloads.