O2OA Stored Cross-Site Scripting Vulnerability in Personal Profile Page Component
Vulnerability
A stored cross-site scripting vulnerability has been identified in O2OA versions through 10.0-410. The issue resides in the Personal Profile Page component, specifically within the endpoint '/x_program_center/jaxrs/agent'. The vulnerability allows for the execution of malicious scripts, as user input is not properly sanitized before being stored and later displayed in the application.
Impact
Exploitation of this vulnerability allows for persistent execution of JavaScript in the context of the user’s browser. This could lead to theft of session tokens or sensitive information, as well as unauthorized actions being performed on behalf of the user.
Reproduction
To reproduce this vulnerability, send a POST request to the '/x_program_center/jaxrs/agent' endpoint with a payload that includes unsanitized HTML, such as an image tag with an 'onerror' event. Once the payload is stored, it will be executed when the profile is viewed.
Remediation
The vendor has indicated that this issue will be addressed in a future version.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.