WhiteSource Vulnerability Database
Date: December 29, 2021
Overview: In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable to stored XSS in the markdown editor. It can be exploited by making a victim a Leader of a group, which triggers the payload for them.
Details: IFme has a stored XSS vulnerability in the editor, which can be exploited by making a victim a Leader of a group, which triggers the payload for them.
PoC Details: In the normal window, access the application by going to http://localhost:3000/users/sign_in and log in with admin credentials. Go to http://localhost:3000/groups/depression-discussion-group and join the group (press the door logo). Now, in the incognito window, go to http://localhost:3000/users/sign_in and log in as a normal user. Now go to http://localhost:3000/groups/depression-discussion-group/edit, enter the payload (given in the PoC Code section) in the content, and tick the checkbox to make the Admin User one of the leaders. Now submit it. Now, in the normal window, where the admin is logged in, access the URL http://localhost:3000/groups/depression-discussion-group/edit and we see that the XSS gets triggered.
Affected Environments: 1.0.0 to v7.31.4
Prevention: Update to version v7.32
Good to know:
| Metric | Value |
|---|---|
| Attack Vector (AV) | Network |
| Attack Complexity (AC) | Low |
| Privileges Required (PR) | Low |
| User Interaction (UI) | Required |
| Access Vector (AV) | Network |
| Access Complexity (AC) | Medium |