Stored XSS on new Calling plugin (spreed)
High
Vulnerability Details
There's a stored XSS vulnerability ....
Proof of Concept:
=================
1. Set `name` as an XSS payload like `"x><img src=a onerror=alert(1)>`.
2. Invite people to a single call room.
3. The XSS will execute in IE (it doesn't support CSP).
Impact:
=======
An admin user can be XSSed via this method if the admin uses a browser like IE.
Let me know if you need help in reproducing.
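The root cause the report points at is a display name interpolated into markup unescaped, with CSP as the only thing standing between the stored payload and execution, which IE does not enforce. The following is an added example, not code from the report or from the spreed code base: a vulnerable template beside a context-escaped one, fed the report's own payload, so the fix does not depend on the browser's CSP support. The function and class names are assumptions.

```javascript
// Added example; not from the original report or the spreed code base.
// Constructed input: the attribute-breakout payload quoted in the report.
const PAYLOAD = '"x><img src=a onerror=alert(1)>';

// Minimal HTML escaping that is safe for text nodes and for
// double-quoted attribute values.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable pattern: the participant's display name is concatenated
// straight into the markup, in both an attribute and a text context.
// Only CSP would have stopped the injected <img onerror=...> here.
function renderParticipantUnsafe(name) {
  return '<li class="participant" title="' + name + '">' + name + '</li>';
}

// Hardened pattern: every interpolation point is escaped for its context,
// so the stored payload is displayed as literal text in every browser.
function renderParticipantSafe(name) {
  const safe = escapeHtml(name);
  return '<li class="participant" title="' + safe + '">' + safe + '</li>';
}

// Counts tag openers in the rendered markup. The template itself emits
// exactly two (<li> and </li>); anything beyond that came from user input.
function countTags(html) {
  return (html.match(/<[a-zA-Z!/]/g) || []).length;
}

console.log(renderParticipantUnsafe(PAYLOAD)); // two extra <img> tags injected
console.log(renderParticipantSafe(PAYLOAD));   // payload shown as inert text
```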
Report Stats
- Report ID: 190870
- State: Closed
- Substate: resolved
- Upvotes: 4