Webasyst 2.9.9 - Stored XSS via the "Instant messenger" Field

**Summary**

Webasyst 2.9.9 has a Stored XSS vulnerability, An Attacker inject malicious javascript code in  the "Instant messenger" field for a stored XSS, This can lead to privilege escalation of user to admin, and more.

**Steps to reproduce**:

Go to "My profile"
Click "Edit".
On the Instant messenger field, enter payload: "><script>alert(document.domain)</script>
Click Save then XSS will trigger.

Impact

The attacker can steal data from whoever checks his profile.

POC:

![image](https://github.com/webasyst/webasyst-framework/assets/100689893/e124637f-434d-4903-9514-c71637cff3ab)

![image](https://github.com/webasyst/webasyst-framework/assets/100689893/97d560f8-d4e1-442a-a36c-1052e8373b3a)




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Webasyst 2.9.9 - Stored XSS via the "Instant messenger" Field #378

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Uh oh!

Webasyst 2.9.9 - Stored XSS via the "Instant messenger" Field #378

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions