Stored XSS in olx.pt

Stored XSS in olx.pt

Published on Author char49labsLeave a comment

Our team leader found a stored XSS in olx.pt. When submiting a new ad, it was possible to add a XSS payload on data[person]. The ad got approved without reflection on the output of this field, it was sanitized.
Afterwards when we try to edit the ad, the payload was launched, so the input wasn’t sanitized when added to the database. Then we checked the “other ads from this person” and guess what? Stored XSS payload was launched and reflected on the page twice. This is dangerous because it runs automatically when the victim visits the page.
The issue has been fixed now and the report in Hackerone has been publicly disclosed.
It also had reference in the press.

Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *