In this post I will go through CVE-2023-27069: the description, replication of the
vulnerability and POC.
openplatform is an Open-source
Javascript based "beautiful and simple portal for running, integrating
and managing multiple 3rd party web applications" (link
to the GitHub repo).
From the GitHub description we can read:
"OpenPlatform is a stylish and straightforward Web OS platform / Portal for running,
integrating, and managing multiple 3rd party web applications. OpenPlatform provides
running applications with a set of services, such as user and security management or
notifications, so that programmers can focus on business logic. OpenPlatform is an
enterprise-ready solution".
Click on user profile picture in the right corner below.
Click My Account
Set "><img src=x onerror=alert(document.domain)> as account
name and save.
XSS fires.
Each time a target will visit the dashboard the payload will fire, even if the
target is not logged in! In order to test this, just click logout and reload the
page.