kandanapp / kandan

Kandan is an Open Source Alternative to HipChat
GNU Affero General Public License v3.0
2.72k stars, 405 forks

XSS Vulnerability #330

Closed PythEch closed 10 years ago

PythEch commented 10 years ago

Registering with a username like <script>alert('xss');</script> results in a very good way to exploit XSS.

After that, all you need to do is to login to the chat server. I didn't look further but stealing cookies should be possible (or other nasty things).

It looks like usernames in People tab are not sanitized.

Screenshots: http://imgur.com/Y2w8hTe,H97p03N,d5IDBli

EDIT: I'm not sure, but it looks like I have to change First name and Last name to that string too, or else I can't connect to the chat server.

The People tab on the browser as HTML (which makes this attack possible):

<div class="widget" id="widget_widget_0">
  <h5 class="widget-header">
    <img src="/assets/people_icon.png">People
  </h5>
  <div class="widget-content" id="widget_0"><ul class="user_list"><li class="user" title="<script>alert('xss');</script>">
  <img class="avatar" src="https://secure.gravatar.com/avatar/2ebe455c2f31b6bc9ca152c50b37f4e7?s=25&amp;d=identicon">
  <script>alert('xss');</script>
</li><li class="user" title="pythech">
  <img class="avatar" src="https://secure.gravatar.com/avatar/f4f01e97f6ef1e98427603193245c36e?s=25&amp;d=identicon">
  pythech
</li></ul></div>
  <div style="display: none;" class="widget-action-bar"></div>
</div>

A big thanks to @Triforce1 for letting me use his own chat server :) I tried whether this was possible after seeing him pentesting his own server. Without him, I would never have discovered this.
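The captured People-widget markup above shows the username landing in two HTML contexts at once: the `title` attribute of the `<li>` and the text node beside the avatar. The following is an added example, not Kandan's own code, that reproduces that rendering as a small JavaScript template function beside an escaped version, so the difference can be checked offline. The function names, the sample users and the check helper are assumptions made for the example; only the payload and the markup shape come from the issue.

```javascript
// Added example (not Kandan's code): the People-widget <li> markup from the
// issue, rendered once with raw interpolation and once with HTML escaping.

// Constructed sample users: the payload reported in the issue and a benign name.
// The gravatar URLs are the ones visible in the captured markup.
const sampleUsers = [
  {
    name: "<script>alert('xss');</script>",
    avatar: 'https://secure.gravatar.com/avatar/2ebe455c2f31b6bc9ca152c50b37f4e7?s=25&d=identicon',
  },
  {
    name: 'pythech',
    avatar: 'https://secure.gravatar.com/avatar/f4f01e97f6ef1e98427603193245c36e?s=25&d=identicon',
  },
];

// Vulnerable rendering: the username is interpolated verbatim into a
// double-quoted attribute and into a text node. This is the shape of the
// markup captured in the issue; a browser parses the text-node copy as a
// real <script> element and runs it.
function renderUserVulnerable(user) {
  return (
    `<li class="user" title="${user.name}">\n` +
    `  <img class="avatar" src="${user.avatar}">\n` +
    `  ${user.name}\n` +
    `</li>`
  );
}

// Escape the five characters that can break out of an HTML text node or a
// quoted attribute value. Covering both quote styles means one escaper is
// safe for both contexts used in the template.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened rendering: every untrusted value is escaped before it is placed
// in the template. The "&" in the avatar query string becomes "&amp;", which
// is how it appears in the captured markup as well.
function renderUserSafe(user) {
  const name = escapeHtml(user.name);
  const avatar = escapeHtml(user.avatar);
  return (
    `<li class="user" title="${name}">\n` +
    `  <img class="avatar" src="${avatar}">\n` +
    `  ${name}\n` +
    `</li>`
  );
}

// Render the whole user list with a given per-user renderer.
function renderUserList(users, renderUser) {
  return `<ul class="user_list">${users.map(renderUser).join('')}</ul>`;
}

// Reviewer's check: does the output contain a real <script> tag, i.e. one a
// browser's HTML parser would turn into an executable element? Escaped text
// ("&lt;script&gt;") does not match.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log('vulnerable contains live <script>:',
  containsScriptTag(renderUserList(sampleUsers, renderUserVulnerable)));
console.log('escaped contains live <script>:',
  containsScriptTag(renderUserList(sampleUsers, renderUserSafe)));
```

Running it prints `true` for the vulnerable renderer and `false` for the escaped one. The point worth keeping in mind when fixing this class of bug is that the same string is written into two contexts, so escaping only the attribute (or only the text node) leaves the other path open; escape at the point where the value is placed into markup, for every placement.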

alexhulbert commented 10 years ago

Lol. I saw you overflowed my chat server with XSS after I was doing a little pentesting :D.