CVE-2021-25984
Date: November 16, 2021
Overview
The Factor (App Framework & Headless CMS) forum plugin, versions v1.3.3 to v1.8.30, is vulnerable to stored Cross-Site Scripting (XSS) in the “post reply” section. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies.
Details
Factor has a stored XSS vulnerability in the “Post Reply” section which may allow a low-privileged member to execute malicious JavaScript code.
PoC Details
1. In a normal window, log in at http://localhost:3000 as an administrator. Now go to http://localhost:3000/dashboard/posts/forumTopic, create a sample forum topic “topicbyadmin” and update it.
2. Open the application in an incognito window by going to http://localhost:3000 and sign up with a new account. Go to the discussion “topicbyadmin” and, in the comments section, add the payload given below.
3. Go to the administrator session and browse the discussion section. Then click on the “topicbyadmin” thread. Refresh the page. A popup will appear.
PoC Code
<script>alert(4)</script>
Affected Environments
1.3.3 to 1.8.30
Prevention
No fix
Language: VUE
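With no fix available for the affected versions, an operator's remaining options are to encode replies at render time and to audit what is already stored. The JavaScript below is an added example, not code from Factor or from this advisory; the function names, the reply object shape and the sample rows are assumptions, and it does not reproduce Factor's actual rendering path.

```javascript
// Added example; not Factor's code. Function names and sample data are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Output-encode untrusted text for HTML text and quoted-attribute contexts.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored reply is concatenated into markup as-is
// (the effect of rendering it with v-html or innerHTML).
function renderReplyUnsafe(reply) {
  return `<div class="reply"><b>${reply.author}</b>: ${reply.body}</div>`;
}

// Hardened pattern: every stored field is encoded at render time
// (what Vue's {{ }} text interpolation does by default).
function renderReplySafe(reply) {
  return `<div class="reply"><b>${escapeHtml(reply.author)}</b>: ${escapeHtml(reply.body)}</div>`;
}

// Triage for an unpatched install: patterns for markup that can run script.
const ACTIVE_MARKUP = [
  /<\s*script\b/i,                              // script elements
  /<[^>]+\son\w+\s*=/i,                         // inline event handlers
  /(?:href|src)\s*=\s*["']?\s*javascript:/i,    // javascript: URLs
  /<\s*(?:iframe|object|embed)\b/i,             // embedded documents
];

// Return the ids of stored replies that should be reviewed or purged.
function auditReplies(replies) {
  return replies
    .filter((r) => ACTIVE_MARKUP.some((re) => re.test(r.body)))
    .map((r) => r.id);
}

// Constructed sample rows; reply 2 carries the PoC payload from this advisory.
const storedReplies = [
  { id: 1, author: 'alice', body: 'Thanks, 2 < 3 works for me.' },
  { id: 2, author: 'newuser', body: '<script>alert(4)</script>' },
  { id: 3, author: 'bob', body: '<a href="#" onclick="track()">link</a>' },
];

console.log(renderReplySafe(storedReplies[1]));
console.log('flagged reply ids:', auditReplies(storedReplies));
```

The audit patterns are a review aid for existing data, not a sanitizer; encoding at render time is what neutralizes the stored payload.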
Good to know:

| Base Score: | |
|---|---|
| Attack Vector (AV): | Network |
| Attack Complexity (AC): | Low |
| Privileges Required (PR): | None |
| User Interaction (UI): | Required |
| Scope (S): | Changed |
| Confidentiality (C): | Low |
| Integrity (I): | Low |
| Availability (A): | None |

| Base Score: | |
|---|---|
| Access Vector (AV): | Network |
| Access Complexity (AC): | Medium |
| Authentication (AU): | None |
| Confidentiality (C): | None |
| Integrity (I): | Partial |
| Availability (A): | None |
| Additional information: | |