Cross-Site Scripting (XSS) in Automation Tags
Version: Papermerge 2.0rc35
Steps to reproduce
Log into Papermerge and visit the "automates" function located at /admin/automate/add/. Insert the following payload into the "Tags" form field and confirm the new tag by typing a single comma.
<script>alert('XSS');</script>
The JavaScript payload is executed by the browser immediately, which is a reflected XSS. If the automation containing the payload is saved, the issue becomes a stored XSS.
If the saved automation is opened again, e.g. via the URL path /admin/automate/1, the stored JS payload is executed again.
Steps to mitigate this issue
As previously, it is recommended to escape all untrusted user input before reflecting or storing the data.
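To make the mitigation concrete, here is an added example (not Papermerge's own code) of escaping tag names on output. It uses Python's standard html.escape, which is the same transformation Django's template autoescaping applies; the sample tag list, including the payload from this report, is constructed for the demonstration, and the function names are hypothetical:

```python
import html
from typing import Iterable

# Constructed sample input: the payload from the report plus ordinary tag names.
SAMPLE_TAGS = ["invoice", "<script>alert('XSS');</script>", "2021 & later"]


def escape_tag(tag: str) -> str:
    """Return the tag name with HTML-significant characters escaped.

    quote=True also escapes ' and " so the value is safe inside attribute
    values, not only in element text.
    """
    return html.escape(tag, quote=True)


def render_tag_list(tags: Iterable[str]) -> str:
    """Build an HTML fragment listing tags, escaping each one on output."""
    items = "".join(f"<li>{escape_tag(t)}</li>" for t in tags)
    return f"<ul>{items}</ul>"


def render_tag_list_unsafe(tags: Iterable[str]) -> str:
    """The vulnerable pattern: tag names concatenated into markup verbatim."""
    items = "".join(f"<li>{t}</li>" for t in tags)
    return f"<ul>{items}</ul>"


def contains_script_element(fragment: str) -> bool:
    """Crude regression check: does the rendered output contain a raw <script start tag?"""
    return "<script" in fragment.lower()


if __name__ == "__main__":
    # The unsafe renderer reproduces the bug; the escaping renderer neutralises it.
    print(render_tag_list_unsafe(SAMPLE_TAGS))
    print(render_tag_list(SAMPLE_TAGS))
```

Escaping at output time (rather than rejecting or rewriting the stored value) keeps the tag name intact in the database while guaranteeing the browser treats it as text. The risk reappears wherever a value is marked safe in a template or inserted into the DOM with innerHTML by client-side code, so a test like contains_script_element over the rendered page is a cheap regression check for exactly the behaviour reported above.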
Created 3 years ago; 7 comments (4 by maintainers)
@l4rm4nd, thanks! As with other high priority bugs (related specifically to 2.0), I will take care of them over the weekend.
Seems fixed. Cannot reproduce the XSS vulnerability.