Nikhil Thakur
May 10, 2024

Stored Cross Site Scripting *CVE-2024-33819*

SpeechLog v.8.1 — Stored XSS

Discovered by: Nikhil Thakur

######################################################################################
# Application Name : SpeechLog v.8.1
# Author: Mr. Nikhil Thakur
# Vendor Homepage: https://www.globitel.com/
# Version: 8.1
# Tested on: Latest version of Chrome, Firefox on Windows and Linux.
# CVE: CVE-2024-33819
######################################################################################

— — — — — — — — — — — — — STORED Cross Site Scripting — — — — — — — — —

Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. In a stored (persistent) XSS the payload is written to the application's data store and executes every time the affected page is rendered, without the victim having to click a crafted link.

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Globitel KSA SpeechLog v8.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Save Query function: a query name containing HTML is accepted, stored, and later rendered into the page without output encoding, so the injected script runs in the browser whenever the saved query is displayed.

Reproduction Steps:

  • Step 1: Log in to the SpeechLog application “https://speechlog.localhost.com/SpeechLog/”
  • Step 2: Intercept the traffic through the proxy tool “Burp Suite”
  • Step 3: On the Dashboard, click on Save New Query “https://speechlog.localhost.com/SpeechLog/”
  • Step 4: Inject the malicious HTML/JavaScript through the user input box (the query name) and save the query. Payload: “<img src=x onerror=alert(1)>”
  • Step 5: It will be saved under Personal Queries.
  • Step 6: The payload triggers automatically after login, with no further user interaction…
(Screenshot: Payload Executed)
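To make the root cause concrete, here is an added example (not SpeechLog's code; the record layout, function names and the `Personal Queries` markup are assumptions) that simulates a "Personal Queries" list being rendered from stored query names. The first renderer concatenates the stored name straight into markup, which is the pattern behind this class of bug; the second applies HTML output encoding. A small regex check stands in for what a tester would look for in the rendered page: a tag carrying an `on*` event-handler attribute.

```javascript
// Added example, not SpeechLog source: stored query names rendered into a
// "Personal Queries" list, once unencoded and once HTML-encoded.

// Constructed sample: what an attacker types into the "Save New Query" box.
const PAYLOAD = '<img src=x onerror=alert(1)>';

// Constructed sample of stored records, as a backend might return them.
const personalQueries = [
  { id: 1, name: 'calls last 7 days' },
  { id: 2, name: PAYLOAD },
];

// Vulnerable pattern: the stored name is concatenated straight into markup,
// so a name containing a tag becomes part of the DOM and its handler fires.
function renderQueriesUnsafe(queries) {
  return '<ul>' +
    queries.map(q => `<li data-id="${q.id}">${q.name}</li>`).join('') +
    '</ul>';
}

// Output encoding for an HTML text/attribute context: the five characters
// that can break out of text or a quoted attribute are replaced by entities.
function escapeHtml(value) {
  const map = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
  };
  return String(value).replace(/[&<>"']/g, c => map[c]);
}

// Hardened pattern: every untrusted value is encoded for the context it
// lands in. The payload is then displayed as literal text, not parsed as a tag.
function renderQueriesSafe(queries) {
  return '<ul>' +
    queries.map(q =>
      `<li data-id="${escapeHtml(q.id)}">${escapeHtml(q.name)}</li>`
    ).join('') +
    '</ul>';
}

// Triage aid, not an HTML parser: does any tag in the rendered markup carry
// an on* event-handler attribute (onerror=, onload=, onclick=, ...)?
function containsEventHandler(html) {
  return /<[^>]*\son\w+\s*=/i.test(html);
}

// Stand-alone run: the unsafe render contains a live handler, the safe one
// shows "&lt;img src=x onerror=alert(1)&gt;" as inert text.
console.log('unsafe:', containsEventHandler(renderQueriesUnsafe(personalQueries)));
console.log('safe:  ', containsEventHandler(renderQueriesSafe(personalQueries)));
console.log(renderQueriesSafe(personalQueries));
```

In a real browser the equivalent fix for client-side rendering is to build the list with `document.createElement` and set `textContent` rather than `innerHTML`; for server-rendered pages the same entity encoding belongs in the template engine. A Content-Security-Policy without `'unsafe-inline'` would additionally stop the `onerror` handler from executing, but it is a second layer, not a substitute for encoding.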

**Many Thanks to Globitel KSA Team for mitigating this Vulnerability…:)**