Stored XSS on Tag in answerdev/answer


Reported on

Feb 9th 2023


Evil users can attack other users or administrator users through this vulnerability, causing other users/administrator user accounts to be taken over

Proof of Concept

step 1. Create new tag

Step 2: Enter XSS payload <img src=x onerror=alert(localStorage.getItem('_a_lui_')) /> to Description tag

Step 3: Go to

Step 4: Click to tag



Executing JavaScript in victim's session which leads to potential account takeover, perform actions as that user, ...

We are processing your report and will contact the answerdev/answer team within 24 hours. 10 months ago
A GitHub Issue asking the maintainers to create a exists 10 months ago
Kevin Kien modified the report
10 months ago
We have contacted a member of the answerdev/answer team and are waiting to hear back 10 months ago
joyqi validated this vulnerability 9 months ago
Kevin Kien has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
joyqi marked this as fixed in 1.0.6 with commit 90bfa0 9 months ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
joyqi published this vulnerability 9 months ago
index.tsx#L67-L114 has been validated
to join this conversation