WS-2021-0465
Date: December 13, 2021
Overview
The “vc-platform (VirtoCommerce)” application, versions 3.0.0-rc.1 to v3.79.0, is affected by a stored XSS vulnerability in the product description section that allows low-privileged application users to store malicious scripts in the product description.
Details
The “vc-platform (VirtoCommerce)” application is affected by a stored XSS vulnerability in the product description section that allows low-privileged application users to store malicious scripts in the product description. The vulnerability exists because the product description is edited through the uikit package's HTML editor, which supports Markdown editing.
PoC Details
Log in to the application as a user with the manager role, which has administrative privileges for the electronics store. This is considered low privilege, since it is not an administrative role of the application. Click the “More” option in the left pane, then click the “Catalog” option. Click the “Clothing” section, then the “Accessories” section. Select the bags section and open any of the products. Click the Description option, then the QuickReview option to open the description. Paste the payload provided below into the editor and click the preview option. Clicking the link created by the payload triggers the XSS.
PoC Code
[notmalicious](javascript:window.onerror=alert;throw%20document.cookie)
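The payload works because a Markdown link destination with the javascript: scheme is turned into a clickable href. As an added illustration (not VirtoCommerce's or uikit's own code; function and scheme names are assumed), the following renderer only emits an anchor when the destination resolves to an allow-listed scheme, decoding numeric character references and relying on the WHATWG URL parser so that the check sees the same scheme the browser would.

```javascript
// Illustrative defensive link renderer for Markdown-style [text](dest) links.
// Assumed code, not part of the advisory or of the vc-platform project.
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);
const LINK_RE = /\[([^\]]*)\]\(([^)\s]*)(?:\s+"[^"]*")?\)/g;

// Markdown renderers decode character references in the destination before
// emitting href, so decode numeric entities first (e.g. "&#106;avascript:").
function decodeNumericEntities(s) {
  return s.replace(/&#x([0-9a-f]+);|&#(\d+);/gi, (_, hex, dec) =>
    String.fromCodePoint(parseInt(hex ?? dec, hex ? 16 : 10)));
}

// True only if the destination resolves to an allow-listed scheme.
// Node's global URL (WHATWG parser) strips ASCII tabs/newlines and
// lower-cases the scheme, matching what a browser does with the href;
// relative destinations resolve against the assumed site base URL.
function isSafeLinkTarget(dest) {
  let url;
  try {
    url = new URL(decodeNumericEntities(dest), "https://shop.example/");
  } catch {
    return false; // unparsable destination: refuse rather than guess
  }
  return ALLOWED_SCHEMES.has(url.protocol);
}

function escapeHtml(s) {
  return s.replace(/[&<>"']/g, c =>
    ({ "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" }[c]));
}

// Render links; a destination that fails the scheme check is emitted as
// plain escaped text instead of an <a> element, so nothing is clickable.
function renderLinks(markdown) {
  return markdown.replace(LINK_RE, (m, text, dest) =>
    isSafeLinkTarget(dest)
      ? `<a href="${escapeHtml(dest)}">${escapeHtml(text)}</a>`
      : escapeHtml(text));
}

// Constructed sample input using the advisory's payload.
const sample = "[notmalicious](javascript:window.onerror=alert;throw%20document.cookie)";
console.log(renderLinks(sample)); // prints "notmalicious"
```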
Affected Environments
3.0.0-rc.1 to 3.79.0
Prevention
No fix
Language: C#
Good to know:

| Metric | Value |
|---|---|
| Base Score | |
| Attack Vector (AV) | Network |
| Attack Complexity (AC) | Low |
| Privileges Required (PR) | Low |
| User Interaction (UI) | Required |
| Scope (S) | Changed |
| Confidentiality (C) | Low |
| Integrity (I) | Low |
| Availability (A) | None |