Chaining Stored XSS

hey,

So this is the poc of a stored cross site scripting vulnerability i have found on edmodo. I had to do a bit of context breaking but it was easy 🙂

Domain : https://snapshot.edmodo.com

Endpoint : https://snapshot.edmodo.com/quizzes/new

Payload : “><img src=x onerror=prompt(1)>

screen shot 1

Got Reflection.

screen shot 2

After some minutes i got a mail that i have receive a notification on my dashboard. When i checked the dashboard notification panel i found something like this.

screen shot 3

But their was no reflection. After a bit of struggle i came up with a payload.

Payload : </noscript>;;></x><y/></z><img/src=` onerror=prompt“>

Got Reflection 🙂

screen shot 4

Hope you like it,

Follow me on twitter @spidersec

Related posts

Leave a Comment

19 + seventeen =