Cybersecurity Student at Sapienza University. Passionate about Computing, Nature and cooking.
Author: Edoardo Ottavianelli
In this post I will go through CVE-2023-30095: the description, replication of the vulnerability and POC.
Messenger, a product of TotalJS, is
"a chat application for programmers. Our solution is a small, fast, and open-source web application that you can customize to fit your needs. Try our great solution as a communication channel in your company or sell it to your customers."
The Messenger platform includes:
Supports GitHub flavored markdown.
Supports secret messages.
Description of the vulnerability
TotalJS messenger commit b6cf1c9 is vulnerable to XSS. The channel description field is not properly sanitized.
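As an added example (not code from TotalJS Messenger or from the original post), the sketch below puts the class of bug described above next to a hardened form: channel fields concatenated into HTML versus encoded at the point of output. The function names, the channel object shape and the sample values are assumptions constructed for illustration.

```javascript
// Added example: escapeHtml, renderChannelUnsafe, renderChannelSafe, reflectsRawMarkup
// and the channel object shape are hypothetical, not TotalJS Messenger code.

const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  return String(value ?? '').replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Before: user-controlled fields are concatenated straight into markup.
function renderChannelUnsafe(channel) {
  return '<div class="channel" title="' + channel.name + '">' +
         '<p class="description">' + channel.description + '</p></div>';
}

// After: every user-controlled field is encoded where it is written out,
// in both the attribute position and the element-content position.
function renderChannelSafe(channel) {
  return '<div class="channel" title="' + escapeHtml(channel.name) + '">' +
         '<p class="description">' + escapeHtml(channel.description) + '</p></div>';
}

// Regression check: true if any field that contains markup characters
// appears verbatim (unencoded) in the rendered output.
function reflectsRawMarkup(html, channel) {
  return Object.values(channel).some(
    (v) => /[<>"']/.test(String(v)) && html.includes(String(v))
  );
}

// Constructed sample input: harmless markup characters in each field.
const sample = { name: 'ops" data-x="1', description: 'Deploys & <b>alerts</b>' };

console.log(renderChannelUnsafe(sample)); // fields alter the page structure
console.log(renderChannelSafe(sample));   // fields are displayed as text
console.log(reflectsRawMarkup(renderChannelUnsafe(sample), sample));
console.log(reflectsRawMarkup(renderChannelSafe(sample), sample));
```

A check like `reflectsRawMarkup` can run in a test suite against every view that displays channel or user fields, so a template that skips encoding is caught before release.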
Replication of the vulnerability
Log in to the application.
Click on Channels.
Click on Add a new channel.
Fill all the possible fields with payload
The XSS will fire whenever user info is reflected in the page.
See the YouTube video POC here: