SolidInvoice Cross-Site Scripting Vulnerability in Tax Rate Functionality
Vulnerability
A stored cross-site scripting vulnerability has been identified in SolidInvoice version 2.3.7, specifically within the Tax Rates feature. This issue allows authenticated attackers to inject arbitrary JavaScript, which is executed in the browsers of users viewing the Tax Rates page. The vulnerability has been fixed in SolidInvoice version 2.3.8.
Impact
Exploitation of this vulnerability allows for the injection of malicious JavaScript that is executed in the context of other authenticated users. In a multi-user environment, this could result in session hijacking, theft of credentials or tokens, phishing or social engineering attacks, and unauthorized actions performed on behalf of another user.
Reproduction
To reproduce this vulnerability, navigate to 'System > Tax Rates > Add Tax Rate'. Enter a payload in the 'Name' field using an image tag with an 'onerror' attribute, such as '<image/src/onerror=prompt(1)>'. Fill in all required fields and save the tax rate. Then, visit 'System > Tax Rates' to trigger the injected script.
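As an added illustration, not code from SolidInvoice itself, the following Python shows the rendering mistake behind a stored XSS of this kind: the same tax-rate row emitted without and with output escaping, plus a check that reports any tag or event handler the template did not produce. The row template, the `injected_markup` helper and the sample rows are assumptions; the second sample name is the payload quoted in the reproduction steps above.

```python
import html
import re

# Constructed sample rows; the second name is the advisory's payload as an attacker
# would store it through 'System > Tax Rates > Add Tax Rate'.
TAX_RATES = [
    {"name": "VAT", "rate": 20.0},
    {"name": "<image/src/onerror=prompt(1)>", "rate": 0.0},
]

# Assumed template for one row of the Tax Rates listing.
ROW_TEMPLATE = "<tr><td>{name}</td><td>{rate:.2f}%</td></tr>"
TEMPLATE_TAGS = {"tr", "td"}  # the only tags the template itself emits

_TAG = re.compile(r"<[^>]*>")
_TAG_NAME = re.compile(r"^<\s*/?\s*([a-zA-Z][\w-]*)")
_EVENT_HANDLER = re.compile(r"\bon[a-z]+\s*=", re.IGNORECASE)


def render_row_vulnerable(tax_rate):
    """The flawed pattern: the stored name is interpolated into HTML unchanged."""
    return ROW_TEMPLATE.format(name=tax_rate["name"], rate=tax_rate["rate"])


def render_row_hardened(tax_rate):
    """Escape the untrusted value at the output boundary, for the HTML text context
    it lands in; the browser then shows the payload as literal text."""
    safe_name = html.escape(tax_rate["name"], quote=True)
    return ROW_TEMPLATE.format(name=safe_name, rate=tax_rate["rate"])


def injected_markup(rendered_row):
    """Return the names of tags the template did not emit, and 'event-handler:<tag>'
    for any tag carrying an on*= attribute. An empty list means the row is clean."""
    findings = []
    for tag in _TAG.findall(rendered_row):
        match = _TAG_NAME.match(tag)
        name = match.group(1).lower() if match else tag
        if name not in TEMPLATE_TAGS:
            findings.append(name)
        if _EVENT_HANDLER.search(tag):
            findings.append("event-handler:" + name)
    return findings


if __name__ == "__main__":
    for row in TAX_RATES:
        print("vulnerable:", injected_markup(render_row_vulnerable(row)))
        print("hardened:  ", injected_markup(render_row_hardened(row)))
```

The check looks only inside tags, so the literal text `onerror=` that survives escaping in the hardened row is correctly not reported.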
Remediation
Users are advised to update SolidInvoice to version 2.3.8 or later.