StrongShop v1.0 has a Reflective Cross-Site Scripting (XSS) vulnerability located in the file resources/views/admin/product/spec/index.blade.php.
Details
The vulnerability is located in the script tag. The application does not escape the user-supplied spec_group_id parameter before including it in the HTML output, leading to a reflective XSS vulnerability.
var spec_group_id = '{!!request('spec_group_id')!!}';
var tableConfig = {
cols: [cols]
,where:{spec_group_id:spec_group_id}
};
Util.renderTable(tableConfig);
}();
</script>
Summary
StrongShop v1.0 has a Reflective Cross-Site Scripting (XSS) vulnerability located in the file
resources/views/admin/product/spec/index.blade.php
.Details
The vulnerability is located in the script tag. The application does not escape the user-supplied
spec_group_id
parameter before including it in the HTML output, leading to a reflective XSS vulnerability.Proof of Concept (PoC)
http://192.168.0.10:1019/admin/product/spec/index?spec_group_id='%3C/script%3E%3Csvg%20onload=alert(1)%3E%3Cscript%3E