Summary
Hello Team,
I have found stored xss at https://*.leantime.io/calendar/showMyCalendar. XSS will be triggered to those who is having access to the calendar.
Details
Stored XSS: Stored XSS, also known as persistent XSS, is the more damaging of the two. It occurs when a malicious script is injected directly into a vulnerable web application
Steps to Reproduce:
- Login to https://*.leantime.io portal
- Click on My Calendar and then click on Add Event
- In the Title field, enter the XSS payload "<script>alert(1)</script>".
- Enter the rest of details in the event and click on save.
- The XSS payload will get triggered and you'll get the pop up.
Impact
An attacker can perform multiple things using stored XSS.
- Website Defacement via XSS
- Malware Download via XSS
- Open Redirection via XSS
- Cookie Stealing - A malicious user can steal cookies and use them to gain access to the application.
###POC
vibhum-dubey Reporter
Summary
Hello Team,
I have found stored xss at https://*.leantime.io/calendar/showMyCalendar. XSS will be triggered to those who is having access to the calendar.
Details
Stored XSS: Stored XSS, also known as persistent XSS, is the more damaging of the two. It occurs when a malicious script is injected directly into a vulnerable web application
Steps to Reproduce:
Impact
An attacker can perform multiple things using stored XSS.
###POC
