Published on March 19th, 2024

SurveyJS Survey Creator 1.9.132 Cross Site Scripting – Torchsec


Details:

Cross Site Scripting vulnerability in Survey JS Survey Creator v.1.9.132
and before allows an attacker to execute arbitrary code via the input field
parameters of the creator survey section.

------------------------------------------

[Vulnerability Type]
Cross Site Scripting (XSS)

------------------------------------------

[Vendor of Product]
SurveyJS

------------------------------------------
[Affected Product Code Base]
Survey Creator - v1.9.132 and before

------------------------------------------
[Affected Component]
Every input field of the creator survey section is vulnerable to reflected and
stored cross-site scripting.

------------------------------------------
[Attack Type]
Context-dependent





------------------------------------------
[Impact Code execution]
true

------------------------------------------
[Impact Information Disclosure]
true

------------------------------------------
[Attack Vectors]
some XSS filter evasion

------------------------------------------
[Reference]
https://github.com/surveyjs/survey-creator/issues/5285

------------------------------------------
[Has vendor confirmed or acknowledged the vulnerability?]
true

------------------------------------------
[Discoverer]
Jettapol Pumwattanakul

Use CVE-2024-28635

#Proof of concept
Insert
[>">]
in the application's input fields to trigger reflected cross-site scripting.
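
The affected range given under [Affected Product Code Base] can be checked against a project's lockfile. The following is an added example, not code from the advisory or from SurveyJS; it assumes npm package names beginning with `survey-creator`, and it treats versions above 1.9.132 only as not listed by this advisory, since the page names no fixed release.

```javascript
// Assumption: Survey Creator npm packages have names starting with "survey-creator".
const LAST_AFFECTED = [1, 9, 132]; // "v1.9.132 and before", per the advisory

// Parse "1.9.132" (optionally "v"-prefixed or with a suffix) into [major, minor, patch].
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

// True when version <= LAST_AFFECTED; unparseable versions count as affected (manual review).
function isAffected(version) {
  const v = parseVersion(version);
  if (!v) return true;
  for (let i = 0; i < 3; i++) {
    if (v[i] !== LAST_AFFECTED[i]) return v[i] < LAST_AFFECTED[i];
  }
  return true; // exactly 1.9.132
}

// Scan a parsed package-lock.json: "packages" map (v2/v3), else legacy "dependencies" tree.
function findAffected(lock) {
  const hits = [];
  const check = (name, info, path) => {
    if (name.startsWith("survey-creator") && isAffected(info.version)) {
      hits.push({ name, version: info.version, path });
    }
  };
  const walk = (deps, trail) => {
    for (const [name, info] of Object.entries(deps || {})) {
      check(name, info, `${trail}/${name}`);
      walk(info.dependencies, `${trail}/${name}`);
    }
  };
  if (lock.packages) {
    for (const [path, info] of Object.entries(lock.packages)) {
      check(path.split("node_modules/").pop(), info, path);
    }
  } else {
    walk(lock.dependencies, "dependencies");
  }
  return hits;
}

// Constructed sample lockfile, not taken from a real project.
const sampleLock = { lockfileVersion: 3, packages: {
  "node_modules/survey-creator-core": { version: "1.9.131" },
  "node_modules/survey-creator-react": { version: "1.9.133" },
  "node_modules/left-pad": { version: "1.3.0" },
} };
console.log(findAffected(sampleLock));
```

To run it on a real project, pass `JSON.parse` of the project's `package-lock.json` to `findAffected`.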
