Ahmad Halabi

Published On: 14 May 2020

XSS on Change Folder Name

XSS
Private | Web
---
MEDIUM VALID
Description

A tricky XSS I found in a Private Program on Modifying Folders Name. The trick was in renaming folders, the application was sanitizing the folder input name upon creation but not upon renaming it.

Impact

Malicious user is able to execute Javascript code on the target website.




Reproduction Steps

Step
1

Create a folder and add an xss payload as the folder name.

Payload: <script>alert('xss');</script>

Step
2

No XSS is triggered.

For the same Folder, click Rename, keep the same payload, then click Save and the XSS will be executed ^_^

Show Image

Timeline
.
Ahmad 29 Feb 2020

Report Sent

.
Private 03 Mar 2020

Bug Fixed

.
Private 03 Mar 2020

Bounty Awarded

VALID