KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting

EDB-ID: 43054
Author: Ishaq Mohammed
Published: 2017-10-25
CVE: CVE-2017-15878
Type: Webapps
Platform: NodeJS
Vulnerable App: N/A

 # Vendor Homepage: 
# Exploit Author: Ishaq Mohammed
# Contact:
# Website:
# Category: WEBAPPS
# Platform: Node.js
# CVE: CVE-2017-15878

Vendor Description:

KeystoneJS is a powerful Node.js content management system and web app
framework built on express and mongoose. Keystone makes it easy to create
sophisticated web sites and apps, and comes with a beautiful auto-generated
Admin UI.

Technical Details and Exploitation:

A cross-site scripting (XSS) vulnerability exists in
fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via
the Contact Us feature.

Proof of Concept:

1. Navigate to Contact Us page
2. Fill in the details needed and enter the below payload in message field
and send
<a onmouseover=alert(document.cookie)>XSS link</a>
3. Now login as admin and navigate to the above new record created in the
4. Move the cursor on the text “XSS link”


The issues have been fixed and the vendor has released the patches


Related Posts