Stored XSS Using Media
Medium
A
Automattic
Submitted None
Actions:
Reported by
dyoon
Vulnerability Details
Technical details and impact analysis
Hi,
Summary:
This exploits an XSS vulnerability on polldaddy.com
Steps to Reproduce:
1. Create a multiple-choice question quiz on Polldaddy
2. Insert stored XSS payload into Media Embed such that it matches the shortcode format
Payload: [<img src="http://url.to.file.which/not.exist" onerror=alert("Hello!");>]
3. When someone goes on the quiz page through the quiz share link, the payload will execute.
Proof of Concept (30-second video):
https://drive.google.com/file/d/0B_lsH7QMy9DkQnV5a3hHa05lSmM/view
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Stored