CVE-2022-31200.

Rohit Gautam
Jul 17, 2023

POST-Based Cross-Site Scripting (XSS) in atmail V-5.62

Discovered by: Rohit Gautam.

Reference: https://portswigger.net/blog/exploiting-xss-in-post-requests

What is POST XSS?
POST XSS refers to a type of Cross-Site Scripting (XSS) attack that occurs when malicious code is injected into a web application through the HTTP POST method. In this attack, the malicious code is embedded within the body of an HTTP POST request, which is typically used to submit data to a web server.

GET vs POST-XSS
GET XSS occurs through URL parameters in an HTTP GET request, whereas POST XSS attacks exploit vulnerabilities in the application’s handling of POST data. The injected malicious code can be stored in a database, reflected back to other users, or used to manipulate the behavior of the application.

Bug Description:

To exploit the vulnerability, an attacker can send a specially crafted request with an XSS payload in the keyword parameter of the request body.

Steps To Reproduce:

1. Go to this demo website -
http://77.220.64.131/mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html

2. In the Search Terms field, enter the payload <img src=x onerror=confirm(1)>

3. You will see an XSS alert to confirm the presence of the vulnerability.
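
The payload fires because the keyword value is written back into the page without HTML encoding. The following is an added example, not atmail's source and not the author's code: a hypothetical PHP search handler in its vulnerable and hardened forms, run against the payload from step 2. The function names and the surrounding markup are assumptions.

```php
<?php
// Added example: hypothetical search handler, NOT atmail's source code.
// Function names and HTML markup are assumptions made for illustration.

// Vulnerable pattern: the POST body value is written into HTML unchanged,
// so markup in "keyword" becomes part of the page.
function render_search_vulnerable(array $post): string
{
    $keyword = $post['keyword'] ?? '';
    return '<p>Results for: ' . $keyword . '</p>'
         . '<input type="text" name="keyword" value="' . $keyword . '">';
}

// Encode for the HTML context at the point of output. ENT_QUOTES also
// covers quoted attribute values; ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened pattern: same page, every use of the value goes through h().
function render_search_hardened(array $post): string
{
    $keyword = $post['keyword'] ?? '';
    if (!is_string($keyword)) {
        // keyword[]=x in the body arrives as an array; treat it as empty.
        $keyword = '';
    }
    return '<p>Results for: ' . h($keyword) . '</p>'
         . '<input type="text" name="keyword" value="' . h($keyword) . '">';
}

// Constructed request body carrying the payload from step 2.
parse_str('keyword=' . urlencode('<img src=x onerror=confirm(1)>'), $post);

// Vulnerable output contains a live <img ... onerror=...> element.
echo render_search_vulnerable($post), "\n";

// Hardened output contains &lt;img src=x onerror=confirm(1)&gt; as text.
echo render_search_hardened($post), "\n";
```

Encoding belongs at output, in the function that builds the HTML, so the stored or logged keyword stays unmodified and every reflection point is covered.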

LinkedIn:
https://www.linkedin.com/in/iamrohitg

Thank you
Rohit Gautam.
