Last active
December 20, 2022 19:41
-
-
Save picar0jsu/4532a6d15e8f8d7597b7dca5136ad655 to your computer and use it in GitHub Desktop.
Multiple stored cross-site scripting (XSS) vulnerabilities in Sage EasyPay 10.7.5.10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Suggested description] | |
| Multiple stored cross-site scripting (XSS) vulnerabilities in Sage | |
| EasyPay 10.7.5.10 allow authenticated attackers to inject arbitrary | |
| web script or HTML via multiple parameters through Unicode | |
| Transformations (Best-fit Mapping), as demonstrated by the full-width | |
| variants of the less-than sign (%EF%BC%9C) and greater-than sign | |
| (%EF%BC%9E). | |
| ------------------------------------------ | |
| [Vulnerability Type] | |
| Cross Site Scripting (XSS) | |
| ------------------------------------------ | |
| [Vendor of Product] | |
| SAGE | |
| ------------------------------------------ | |
| [Affected Product Code Base] | |
| EasyPay - 10.7.5.10 | |
| ------------------------------------------ | |
| [Attack Type] | |
| Remote | |
| ------------------------------------------ | |
| [Impact Escalation of Privileges] | |
| true | |
| ------------------------------------------ | |
| [Attack Vectors] | |
| To exploit vulnerability, an authenticated attacker can inject | |
| JavaScript into input fields with full-width variant of the | |
| lesser-than sign (%EF%BC%9C) and greater-than sign (%EF%BC%9E) to | |
| bypass security measures in place. | |
| ------------------------------------------ | |
| [Reference] | |
| https://www.sage.com/en-sg/products/sage-easypay/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment