Titanium JIRA Archive
Appcelerator Community (AC)

[AC-698] Found A critical Vulnerbility While Creating Users

GitHub Issuen/a
TypeBug
Priorityn/a
StatusClosed
ResolutionDuplicate
Resolution Date2016-03-01T16:31:15.000+0000
Affected Version/sn/a
Fix Version/sn/a
Componentsn/a
Labelsn/a
ReporterHussain
AssigneeShak Hossain
Created2016-03-01T05:47:19.000+0000
Updated2016-03-02T05:19:18.000+0000

Description

Reflected XSS are the most frequent type of XSS attacks found in the wild. Reflected XSS attacks are also known as non-persistent XSS attacks and, since the attack payload is delivered and executed via a single request and response, they are also referred to as first-order or type 1 XSS.

Attachments

FileDateSize
xss 2.png2016-03-01T05:47:14.000+0000127781
xss 3.png2016-03-01T05:47:14.000+0000128084
xss 4.png2016-03-01T05:47:14.000+0000126518
xss in user creation.png2016-03-01T05:47:14.000+0000117316

Comments

  1. Jebun Naher 2016-03-01

  2. Hussain 2016-03-02

    Hii, I made a video which demonstrates the reproduction steps to trigger this vulnerability. creating user is location from where the attacker injects the malicious script Payload used : ">;

JSON Source