Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
[Description]
NeDi 1.9C is vulnerable to reflected cross-site scripting. The
Other-Converter.php file improperly validates
user input. An attacker can exploit this
vulnerability by crafting arbitrary JavaScript
in the txt GET parameter.
------------------------------------------
[Additional Information]
Step To Reproduce-:
1. Login with the credential.
2. Go to https://ip-nedi/Other-Converter.php?txt="><script>alert(document.domain)</script>
------------------------------------------
[Vulnerability Type]
Cross Site Scripting (XSS)
------------------------------------------
[Vendor of Product]
Nedi-FindIt
------------------------------------------
[Affected Product Code Base]
Nedi - 1.9C
------------------------------------------
[Affected Component]
Other-Converter.php
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Code execution]
true
------------------------------------------
[Impact Escalation of Privileges]
true
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[Attack Vectors]
An attacker can exploit this vulnerability by crafting arbitrary
javascript ("><script>alert(document.domain)</script>) in `txt` GET
parameter of Other-Converter.php resulting in execution of the
javascript. Due to this flaw, an attacker can hijack the user's
session.
------------------------------------------
[Reference]
http://www.nedi.ch/download/
------------------------------------------
[Discoverer]
Preetham Bomma
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.