Stored Cross Site Scripting Vulnerability in "Maintenance banner" function in Netbox 3.5.6

Tu LeTu Le
1 min read

Version: 3.5.6 Description An authenticated malicious user can take advantage of a Stored XSS vulnerability in "Maintenance banner" function in the "[Home]› [Extras] › [Config revisions] › Add config revision" feature.

Proof of Concept Step 1: Go to "https://demo.netbox.dev/admin/extras/configrevision/add/" click "Add" and insert payload in "Maintenance banner:" field, And "Save"

Screenshot 2023-07-19 at 08 53 03

Step 2: Try to login with an other account and Go to "https://demo.netbox.dev/admin/extras/configrevision/add/". Then, script excuted

Screenshot 2023-07-19 at 08 50 04

Impact If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user.

Report by @TuLe from HSCT Security.

0
Subscribe to my newsletter

Read articles from Tu Le directly inside your inbox. Subscribe to the newsletter, and don't miss out.

netboxSecurityXSScross site scripting

Written by

Tu Le
Tu Le