https://huntr.dev/users/alromh87 has fixed the Stored-XSS on "ChatCord" vulnerability. alromh87 has been awarded $25 for fixing the vulnerability through the huntr bug bounty program. Think you could fix a vulnerability like this?
Get involved at https://huntr.dev/
| Q | A |
| --- | --- |
| Version Affected | ALL |
| Bug Fix | YES |
| Original Pull Request | https://github.com/418sec/chatcord/pull/1 |
| Vulnerability README | https://github.com/418sec/huntr/blob/master/bounties/other/chatcord/1/README.md |
User Comments:
Metadata *
Bounty URL: https://www.huntr.dev/bounties/1-other-chatcord
Description *
There is no proper sanitization of some data received from the server, making code injection available to a malicious user if traffic is intercepted and modified.
Technical Description *
Fixed by replacing the use of innerHTML() with innerText(), effectively treating incoming data as text and not HTML elements.
Proof of Concept (PoC) *
Proof of Fix (PoF) *
After the fix, data is treated as text and no code is executed for the remote user.
User Acceptance Testing (UAT)
After the fix, functionality is unaffected.
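
The change described under Technical Description, as an added example that is not part of the original pull request or ChatCord's code: a renderer that passes server data to `innerHTML` beside one that assigns each field as text, with a stub `document` that records writes to the HTML-parsing sink so the difference can be checked without a browser. The message fields, function names and sample values are assumptions.

```javascript
// Added example; names and the {username, time, text} shape are assumptions.

// Before: server-supplied fields are concatenated and parsed as markup.
function renderUnsafe(doc, msg) {
  const div = doc.createElement('div');
  div.innerHTML = `<p class="meta">${msg.username} <span>${msg.time}</span></p>` +
    `<p class="text">${msg.text}</p>`;
  return div;
}

// After: nodes are built explicitly and each field is assigned as text.
function renderSafe(doc, msg) {
  const div = doc.createElement('div');
  const meta = doc.createElement('p');
  meta.className = 'meta';
  meta.innerText = `${msg.username} `;
  const time = doc.createElement('span');
  time.innerText = msg.time;
  meta.appendChild(time);
  const text = doc.createElement('p');
  text.className = 'text';
  text.innerText = msg.text;
  div.appendChild(meta);
  div.appendChild(text);
  return div;
}

// Stand-in for `document` that records every write to the innerHTML sink.
function makeFakeDocument() {
  const htmlWrites = [];
  const createElement = (tag) => {
    const el = { tag, className: '', text: '', children: [] };
    Object.defineProperty(el, 'innerHTML', { set: (v) => htmlWrites.push(String(v)) });
    Object.defineProperty(el, 'innerText', { get: () => el.text, set: (v) => { el.text = String(v); } });
    el.appendChild = (child) => { el.children.push(child); return child; };
    return el;
  };
  return { createElement, htmlWrites };
}

// Returns the sink writes that contain the untrusted message text.
function taintedHtmlWrites(render, msg) {
  const doc = makeFakeDocument();
  render(doc, msg);
  return doc.htmlWrites.filter((w) => w.includes(msg.text));
}

// Constructed sample message: harmless markup stands in for injected content.
const SAMPLE = { username: 'alice', time: '12:00', text: '<b>hello</b>' };
```

`taintedHtmlWrites(renderUnsafe, SAMPLE)` returns one entry and `taintedHtmlWrites(renderSafe, SAMPLE)` returns none, which makes the helper usable as a regression check against reintroducing the `innerHTML` sink.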