My First CVE-2023-27225.

Cross-Site Scripting (XSS) on User Registration, Login and User Management System.

Ridheshgohil
Jul 5, 2023

Discovered by: Ridhesh Gohil

Vulnerable Version: V-3

Vendor Homepage: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/

Hello, I am Ridhesh Gohil, and I am writing this blog to share my experience of how I got my first CVE on the User Registration, Login and User Management System with Admin Panel.

I was working on a PHP open-source software named User Registration, Login and User Management System with Admin Panel, and it was hosted locally on my system through XAMPP.

I started hunting on this program, and after trying multiple vulnerabilities like auth bypass, login bypass, CSRF, etc., with no success, I got frustrated and took a break for some time.

After the break, when I was registering myself as a new user, I injected an XSS payload and “BOOM!!” I got a stored XSS on the registration page.

Bug Description

Because an attacker can load and execute supplied JavaScript in the web app, they can steal the user's cookies and perform an account takeover (ATO).

A document.cookie payload exposes the cookie, which can then be redirected to the attacker's server and read from that server's logs.

Steps to Reproduce:

1. Go to the User Registration Login And Management System website and click on "signup here".

2. After clicking on it, fill in the details, add this payload in the First & Last Name fields: <script>alert(1)</script> and click on "Create account".

3. Instead of “1” we can use “document.cookie” so that we can access the credentials.
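The defensive side of the steps above, as an added example that is not code from the original post or from the PHPGurukul project: it encodes the stored name on output, validates it at registration, and sets HttpOnly on the session cookie so document.cookie cannot return the session id. The function names e(), is_valid_name() and session_cookie_options(), the name policy and the table-cell markup are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers; not taken from the PHPGurukul code base.

// Output encoding: applied where the value is written into HTML, so names
// that are already stored in the database are covered as well.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Input validation at registration as a second layer: letters, combining
// marks, spaces, apostrophes and hyphens, 1 to 50 characters (assumed policy).
function is_valid_name(string $name): bool
{
    return preg_match("/^[\p{L}\p{M}' -]{1,50}$/u", $name) === 1;
}

// Session cookie flags: HttpOnly keeps document.cookie from returning the
// session id, which limits what an injected script can read.
function session_cookie_options(): array
{
    return [
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,   // assumes the site is served over HTTPS
        'httponly' => true,
        'samesite' => 'Lax',
    ];
}

// Constructed sample input: the payload from step 2 and an ordinary name.
$samples = ['<script>alert(1)</script>', "Anne-Marie O'Neil"];

foreach ($samples as $fname) {
    $unsafe = "<td>" . $fname . "</td>";      // vulnerable pattern: raw output
    $safe   = "<td>" . e($fname) . "</td>";   // hardened: encoded on output
    printf("valid=%s\nraw:     %s\nencoded: %s\n\n",
        is_valid_name($fname) ? 'yes' : 'no', $unsafe, $safe);
}

// In the application, call this before session_start():
// session_set_cookie_params(session_cookie_options());
```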

I requested a CVE ID for this vulnerability from https://cveform.mitre.org, and a few weeks later I received mail that my request was approved. This way I got assigned CVE-2023-27225.

Special Thanks to my mentors Rohit Gautam sir and Shifa Cyclewala ma’am.❤🤗

Thank you so much for reading 🤗

My LinkedIn ID: https://www.linkedin.com/in/ridhesh-gohil
