Recently I thought of hunting on the Hotgloo website. One of my friends referred me to this website. It is an awesome site which lets you create wireframes for websites and web projects. You should check it out if you are a web developer. They have a responsible disclosure policy. You can have a look at it over here.
I was interested in the search box of the help page.
Whatever we pass through the search box will be echoed back to the client.
Search Results for
This made me fuzz around to get something interesting. Let’s give a direct XSS payload and check the output.
Seems like HTML chars are being converted to HTML entities. But I was interested in fuzzing more and more. After some time I gave one null byte character and checked the output.
help?btn_search=3&q=%00<svg/onload="prompt('XSS by Osanda')">
W00t! We have our payload nicely interpreted on the client side.
So here we go XSS!
I was also able to find three more issues apart from this XSS 🙂
Hope you enjoyed reading this short write-up.
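For anyone maintaining a search box like the one above, here is an added example (not code from the original post or from the site) of a regression check for this behaviour, where a direct payload is encoded but a null-byte-prefixed one is not. The write-up does not state the server-side cause, so `flawed_echo` models one assumed cause, an encoder that treats NUL as end-of-string; all function names and the sample value are hypothetical.

```python
import html
import re

PREFIX = "Search Results for "

# Constructed sample modelled on the q parameter in the write-up.
SAMPLE_Q = '\x00<svg/onload="prompt(1)">'

# C0/C1 control characters except tab, LF and CR; NUL is included.
_CONTROL = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\x9f]")


def flawed_echo(q: str) -> str:
    """Assumed flaw: only the text before the first NUL is entity-encoded,
    and everything after it is appended to the page unencoded."""
    head, _nul, tail = q.partition("\x00")
    return PREFIX + html.escape(head) + tail


def safe_echo(q: str) -> str:
    """Drop control characters first, then entity-encode the whole value."""
    cleaned = _CONTROL.sub("", q)
    return PREFIX + html.escape(cleaned, quote=True)


def has_raw_markup(rendered: str) -> bool:
    """Regression check: a literal '<', '>' or NUL in the echoed part fails."""
    echoed = rendered[len(PREFIX):]
    return any(ch in echoed for ch in "<>\x00")


if __name__ == "__main__":
    for name, render in (("flawed", flawed_echo), ("safe", safe_echo)):
        for q in ("<svg>", SAMPLE_Q):
            out = render(q)
            print(f"{name:6} q={q!r:34} raw_markup={has_raw_markup(out)}")
```

Running the same two inputs (plain and NUL-prefixed) through the real endpoint's rendering function in a unit test catches this class of filter gap before release.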