Stored XSS in Customer Company Name in inventree/inventree

Valid

Reported on

Jun 13th 2022

Description

The application inventree is vulnerable to Stored XSS in customer company name field.

Proof of Concept

Video PoC Link: https://drive.google.com/file/d/11tKQzqKFobDEuqigsQYIdQhMnqSLIBsi/view?usp=sharing

Impact

This allows the attacker to execute malicious scripts in all the project members browser and it can lead to session hijacking, sensitive data exposure, and worse.

We are processing your report and will contact the inventree team within 24 hours. a year ago

A GitHub Issue asking the maintainers to create a SECURITY.md exists a year ago

We have contacted a member of the inventree team and are waiting to hear back a year ago

Oliver validated this vulnerability a year ago

saharshtapi has been awarded the disclosure bounty

The fix bounty is now up for grabs

The researcher's credibility has increased: +7

Oliver marked this as fixed in 0.7.2 with commit 26bf51 a year ago

Oliver has been awarded the fix bounty

This vulnerability will not receive a CVE

saharshtapi

commented a year ago

Researcher

@admin Can you assign CVE?

to join this conversation