SolidInvoice Stored Cross-Site Scripting Vulnerability in Recurring Invoice Module
Vulnerability
A stored cross-site scripting vulnerability has been identified in SolidInvoice versions through 2.4.0. The issue resides in the Recurring Invoice Module, specifically within the '/invoice/recurring' file. It is triggered by manipulating the 'client name' parameter, which allows injection of malicious JavaScript that is persistently stored and executed automatically when the recurring invoice list is accessed. The issue affects all authenticated users.
Impact
Exploitation of this vulnerability allows for the injection of JavaScript payloads that are executed automatically when the recurring invoice list is accessed, potentially leading to the theft of session cookies or other sensitive information.
Reproduction
To reproduce this vulnerability, an authenticated user must create a new client in the SolidInvoice application and inject a JavaScript payload into the 'Name' field. After saving the client, the user can create a recurring invoice that references the injected client. Once the recurring invoice is saved, the JavaScript payload will be executed when the recurring invoices list is accessed.
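The flow above comes down to a stored client name reaching the list markup without output encoding. The following is an added example, not SolidInvoice code: a list-row renderer in its unencoded and encoded forms, plus a regression check that reports any element a stored field manages to introduce. All function names, the row layout and the sample record are assumptions constructed for illustration.

```javascript
// Added example, not SolidInvoice code. Names and sample data are constructed.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a stored value for HTML text or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Unencoded pattern: the stored client name is concatenated into markup as-is,
// so any markup saved in the name becomes part of the page for every viewer.
function renderRowUnsafe(invoice) {
  return `<tr><td>${invoice.id}</td><td>${invoice.clientName}</td></tr>`;
}

// Encoded pattern: every stored field is encoded at the point of output.
function renderRowSafe(invoice) {
  return `<tr><td>${escapeHtml(invoice.id)}</td><td>${escapeHtml(invoice.clientName)}</td></tr>`;
}

// Regression check: list every element name in the rendered row that is not
// part of the row skeleton. A non-empty result means a stored field was
// interpreted as markup instead of being displayed as text.
function unexpectedTags(html, allowed = ['tr', 'td']) {
  const tagPattern = /<\/?([a-z][a-z0-9-]*)/gi;
  return [...html.matchAll(tagPattern)]
    .map((match) => match[1].toLowerCase())
    .filter((tag) => !allowed.includes(tag));
}

// Constructed record: a client name holding a harmless markup probe.
const sampleInvoice = { id: 7, clientName: 'Acme <b id="probe">Ltd</b> & Co' };

console.log('unencoded row adds:', unexpectedTags(renderRowUnsafe(sampleInvoice)));
console.log('encoded row adds:  ', unexpectedTags(renderRowSafe(sampleInvoice)));
console.log(renderRowSafe(sampleInvoice));
```

Encoding at output rather than only validating on save also covers client names that were stored before a fix was deployed.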
