Grouper / GRP-1838

Reflected XSS in New UI with /UiV2Public.index

Description

      From: grouper-core-request@internet2.edu On Behalf Of Jerry Lee
      Sent: Tuesday, July 17, 2018 7:45 PM
      To: grouper-core@internet2.edu
      Subject: [grouper-core] Reflected (GET request) cross-site scripting in New UI

       

      Hi Grouper developer team,

       

      This is Jerry from the University of Auckland, we would like to report a reflected (GET request) cross-site scripting vulnerability within Grouper's New UI.

       

      This vulnerability exists in the following URL parameter:

      hxxps://grouper-instance.localhost/grouper/grouperExternal/public/UiV2Public.index?operation=UiV2Public.postIndex&function=UiV2Public.error&code=xss payload

       

      A proof-of-concept URL that could trigger this XSS vulnerability would look like this:

      hxxps://grouper-instance.localhost/grouper/grouperExternal/public/UiV2Public.index?operation=UiV2Public.postIndex&function=UiV2Public.error&code=%3Cscript%3Ealert(1)%3C/script%3E

       

      I've also attached to this email a screenshot with the payload executed within the client browser; feel free to take a look if it would help resolve the issue. If you would like me to clarify anything in regard to the above subject, please do not hesitate to contact me.

       

      Kind Regards,

      Jerry

       

      Jerry Lee | Information Security Analyst | University of Auckland

      +64 9 373 7599 ext. 83763 - hk.lee@auckland.ac.nz - PGP ID:0267ADF6 

       

      PGP Fingerprint: F886 6E17 F107 0717 C10D  30C3 AA9D FCB5 0267 ADF6
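The report above gives the vulnerable endpoint, the reflected parameter (`code`) and the payload. The following Python is an added example and is not part of the report or of Grouper's code base: it rebuilds the proof-of-concept URL from the reported parameters (using `https` in place of the report's defanged `hxxps`), shows the bug class with two hypothetical server-side renderers (one that echoes `code` raw into the HTML body and one that entity-encodes it; neither is Grouper's real error page), and includes a small classifier that tells an unescaped reflection apart from an escaped one in a captured response body.

```python
import html
from urllib.parse import quote

# Endpoint and parameters are taken from the report; the report defangs the
# scheme as "hxxps", which is restored to "https" here.
BASE_URL = "https://grouper-instance.localhost/grouper/grouperExternal/public/UiV2Public.index"
PAYLOAD = "<script>alert(1)</script>"


def poc_url(code: str = PAYLOAD, base: str = BASE_URL) -> str:
    """Build the reflected-XSS proof-of-concept URL from the report.

    '/', '(' and ')' are left unencoded so the result matches the URL in the
    report byte for byte; browsers accept either form.
    """
    return (
        f"{base}?operation=UiV2Public.postIndex"
        f"&function=UiV2Public.error&code={quote(code, safe='/()')}"
    )


# Hypothetical renderers standing in for the server-side error page. They are
# NOT Grouper's code; they only illustrate the bug class and its fix.
def render_error_vulnerable(code: str) -> str:
    """Echoes the 'code' parameter into the HTML body without encoding."""
    return f'<div class="alert">Error code: {code}</div>'


def render_error_fixed(code: str) -> str:
    """Same page, but the untrusted value is HTML-entity encoded for body context."""
    return f'<div class="alert">Error code: {html.escape(code, quote=True)}</div>'


def classify_reflection(body: str, payload: str = PAYLOAD) -> str:
    """Decide how a response body reflected the payload.

    Returns 'unescaped' when the raw markup appears (exploitable in body
    context), 'escaped' when only an entity-encoded copy appears, and
    'absent' when the value is not reflected at all.
    """
    if payload in body:
        return "unescaped"
    if html.escape(payload, quote=True) in body or html.escape(payload, quote=False) in body:
        return "escaped"
    return "absent"


if __name__ == "__main__":
    print(poc_url())
    for name, render in (("vulnerable", render_error_vulnerable), ("fixed", render_error_fixed)):
        body = render(PAYLOAD)  # constructed sample response, not a live fetch
        print(f"{name:10s} -> {classify_reflection(body)}: {body}")
```

To check a real instance, fetch `poc_url()` with an authorised HTTP client and pass the response text to `classify_reflection`. An `escaped` result only clears the HTML-body context shown in the report; if the value were also reflected inside an attribute or a script block, a different payload and encoding would be needed, so read the surrounding markup rather than relying on the string match alone.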

People

  Assignee: Chris Hyzer (upenn.edu) <chris.hyzer@at.internet2.edu>
  Reporter: Chris Hyzer (upenn.edu) <chris.hyzer@at.internet2.edu>