The following vulnerability allows the execution of malicious code on the web app. The testing was run through the search bar to see if certain javascript payloads could be executed.

There is a lot of blacklisting going on that does prevent a lot of standard payloads, but there are a number of advanced payloads which were executed.

That particular payload HTML encodes “javascript:аlert(23)”> and allows to pass through the blacklist

The following img-based payloads ended up triggering an alert script

Input sanitization and whitelisting can be two ways to mitigate the following vulnerabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *