Stored XSS Vulnerability through the Registration Form
Discovered by Nithissh.S
Vendor Homepage: https://github.com/MartDevelopers-Inc/iResturant
Bug Description:
Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.
Steps to Reproduce:
1. First, look at the source code.
As the signup page source shows, the input fields are not properly sanitized with an appropriate regex pattern.
2. Next, sign up using the XSS payload below in the name and address fields.
3. After signing up successfully, log in.
4. On successful login, the XSS payload is triggered.
Impact:
This vulnerability has the potential to steal a user’s cookie and gain unauthorized access to that user’s account through the stolen cookie.
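The fix for the missing sanitization described in the steps, as an added example that is not iResturant's own code: allow-list validation when the form is submitted, plus HTML encoding whenever a stored value is rendered. The field names, patterns, length limits and the helper names validate_signup() and e() are assumptions chosen for illustration.

```php
<?php
// Added example, not iResturant code. Field names, patterns and limits are assumptions.

// Allow-list validation, run when the signup form is submitted.
function validate_signup(array $input): array
{
    $rules = [
        // A letter, then letters, spaces, dots, apostrophes or hyphens (max 64 chars).
        'name'    => '~^\p{L}[\p{L} .\'-]{0,63}\z~u',
        // A letter or digit, then common address characters (max 128 chars).
        'address' => '~^[\p{L}\p{N}][\p{L}\p{N} .,\'#/-]{0,127}\z~u',
    ];
    $errors = [];
    foreach ($rules as $field => $pattern) {
        $value = trim((string) ($input[$field] ?? ''));
        // preg_match() returns 1 on a match, 0 on no match, false on error;
        // anything other than 1 is treated as a rejection.
        if (preg_match($pattern, $value) !== 1) {
            $errors[$field] = "Invalid $field";
        }
    }
    return $errors;
}

// Output encoding, applied every time a stored value is written into HTML.
// Needed even with validation in place, because rows saved earlier may
// already contain markup.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: a name that carries harmless markup.
$submitted = ['name' => '<b>Guest</b>', 'address' => '12 Main St.'];

// Signup side: fields that fail the allow-list are reported, nothing is stored.
foreach (validate_signup($submitted) as $field => $message) {
    echo $message, PHP_EOL;
}

// Render side: the stored value is encoded, so the browser shows it as text.
echo '<td>' . e($submitted['name']) . '</td>', PHP_EOL;
```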
CVE Mitre -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43436