Vendor: Savsoft Quiz 5
By: Dhruv Patel (dhruvp111296)
CVSS: 7.5 (HIGH)
Stored Cross-Site Scripting
CWE: 79
Product Name: Savsoft Quiz 5
Affected Version From: 5.0
Affected Version To: 5.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10
2020
Savsoft Quiz 5 – ‘field_title’ Stored Cross-Site Scripting
This vulnerability allows an attacker to inject an XSS payload in the Custom Field section of the admin panel. The injected malicious JavaScript code can steal users' cookies.

Attack vector:

Steps to reproduce:
1. Go to the admin panel's add custom fields page.
2. Enter <script>alert("HELLO XSS")</script> as the payload in the Title field.
3. Click Save; the payload gets executed.
4. The payload is shown to all users as XSS.
Mitigation:
Input validation and output encoding should be used to prevent XSS attacks.
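
Both controls applied to the custom field title, as an added example (not Savsoft Quiz code); the function names, the 100-character limit and the character allowlist are assumptions. Validation rejects the title on save, and encoding on output keeps any value that is already stored from running as script.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers, not Savsoft Quiz code. Names, limit and allowlist are assumptions.

/** Validate a custom-field title on save: 1-100 allowlisted characters, no markup. */
function validate_field_title(string $title): ?string
{
    $title = trim($title);
    // Letters, digits, spaces and a little punctuation. preg_match() returns
    // false on invalid UTF-8, which is rejected as well.
    if (preg_match('/^[\p{L}\p{N} _.,()\-]{1,100}$/u', $title) !== 1) {
        return null;
    }
    return $title;
}

/** Encode for HTML element and quoted-attribute context at output time. */
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render one custom field; the stored title is never emitted unencoded. */
function render_field_row(string $storedTitle): string
{
    $safe = html_escape($storedTitle);
    return '<label title="' . $safe . '">' . $safe . '</label>';
}

// Constructed sample input: the title from the reproduction steps and a benign one.
$samples = ['<script>alert("HELLO XSS")</script>', 'Student ID'];
foreach ($samples as $title) {
    $result = validate_field_title($title) !== null ? 'accepted' : 'rejected';
    // Rendering is shown for both, as if the value were already in the database.
    echo $result, ' on save; rendered as: ', render_field_row($title), PHP_EOL;
}
```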