0

I am learning how to find vulnerabilities in web-apps. I am trying to find an XSS vul. in an app.

There is a reactjs webapp. Exist two possibilities, two inputs that change information of a user, one is the bio and other changes the webpage of the user.

<div class="sc-hMqMXs gwiZKI">
  <div class="sc-hSdWYo jeEjXR" aria-disabled="false">
    <textarea data-gr="textarea" maxlength="160" placeholder="Describe yourself briefly in one or two           sentences…" rows="4" height="84" aria-invalid="true" class="sc-eHgmQL liNjVN">" /&gt;                     &lt;script&gt;alert();&lt;/script&gt;
    </textarea>
  </div>
 </div>

When i try to set an input with script tag, there has to be some kind of stringify that dont let me go foward to it.

This is the output of the first input:

<p class="Builder__BiographyStyle-v13eqd-0 gOpKPy sc-cBdUnI dWHKbJ" style="color: rgb(116, 116, 116);">&lt;script&gt;alert(1);&lt;/script&gt;</p>

The payload was: <script>alert(1)</script>

The second one is the webpage:

the code of the input es almost the same as the first:

<input data-gr="input" maxlength="160" placeholder="myhomepage.eu" aria-invalid="true" class="sc-jWBwVP bCXLCE" value="{{javascript:alert(1)}}">

And the output of the input on HTML is:

<a rel="noreferrer noopener" target="_blank" display="primary" href="https://{{javascript:alert(1)}}" class="Link__TextLinkStyle-sc-18o82bi-0-a bAMZxp">https://{{javascript:alert(1)}}</a>

This means that the input is stringified and the https:// is added. How could be the syntax to make an XSS vul execute code in there, is it possible?

Mauricio De armas
  • 2,079
  • 3
  • 11
  • 15

0 Answers0