POC details: e29e5a2cd37983714ac5ad3bc0f0a468b6b60b5d

Source
Related vulnerability
Title: N/A (CVE-2024-54951)
Description: Monica 4.1.2 contains a cross-site scripting (XSS) vulnerability. A malicious user can create a malformed contact and then select that contact in the "HOW YOU MET" custom option to trigger the XSS.
Description
I contacted the Monica development team via email on 11/20/2024. I also contacted them via LinkedIn and other platforms in the weeks that followed. Publishing here since there was no response.
Introduction
# Monica-Stored-XSS-Vulnerability

## CVE-2024-54951
I contacted the Monica development team via email on 11/20/2024. I also contacted them via a LinkedIn connection-message attempt and via other platforms in the weeks that followed. Publishing here since there was no response after 3 months.

## Monica Docker v. 4.1.2 Stored XSS Vulnerability

1) First, click the Contacts button in the top pane.
![image](https://github.com/user-attachments/assets/1eb05e42-7528-4b7c-8201-cdeb1ff95398)

2) On the right-hand side, click [Add someone].
![image](https://github.com/user-attachments/assets/7ce9f502-bc86-4e8d-9eaa-689f42dad3f1)

3) Enter your XSS payload into all of the name fields, as they are all vulnerable. You need to use double quotes in your payloads; single quotes seem to break the web application.
![image](https://github.com/user-attachments/assets/d5b7025b-6524-46a4-8969-9b88318308a4)

4) Then, in the left-hand pane, click the HOW YOU MET URL.
![image](https://github.com/user-attachments/assets/0f8a6b90-bf03-4ac2-ab92-506d56a2cd80)

5) Then select the contact that carries your JavaScript payloads from the "Has someone introduced you to this person?" drop-down list, and click Save.
![image](https://github.com/user-attachments/assets/86d6478d-771e-431a-b72f-e576f0f66961)

6) The JavaScript payload executes on the contact page of the person you created, under the "HOW YOU MET" box.
![image](https://github.com/user-attachments/assets/f0d9708a-24c6-4a1d-96c1-556cfdce3984)
![image](https://github.com/user-attachments/assets/95ef768f-f3aa-4fb9-a22b-69f473cd8ec9)
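The defect behind the steps above is that stored contact names reach the "HOW YOU MET" box without complete HTML encoding; the observation that single quotes break the page while double quotes do not is consistent with partial or inconsistent escaping. The following is an added example, not Monica's own code or templates, showing the defensive side: an escaper equivalent to PHP's `htmlspecialchars($s, ENT_QUOTES)` (the encoding Laravel's Blade `{{ }}` applies) used when rendering an introducer's name, a deliberately unescaped variant for comparison, and a check that the user-controlled value added no tag openers or quote characters to the output. The `renderHowYouMet` markup, the `introducer` object shape and the sample name are assumptions constructed for the example.

```javascript
// Added example (not Monica's code): escape stored contact names at render
// time so they cannot break out of a text node or a quoted attribute.

// Equivalent of PHP htmlspecialchars($s, ENT_QUOTES, 'UTF-8'): all five HTML
// metacharacters are encoded. Encoding the single quote as well means the
// result is safe in both double- and single-quoted attributes.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#039;',
};

function escapeHtml(value) {
  // One pass with a character class, so '&' is never double-encoded.
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hypothetical renderer for a "HOW YOU MET" box. The introducer's name is
// used twice: as link text and inside a double-quoted title attribute, the
// two contexts a stored name can otherwise terminate.
function renderHowYouMet(introducer) {
  const name = escapeHtml(introducer.name);
  const href = `/people/${encodeURIComponent(introducer.id)}`;
  return `<div class="how-you-met">Introduced by <a href="${href}" title="${name}">${name}</a></div>`;
}

// Insecure variant, kept only for comparison: interpolates the raw name,
// which is the class of bug the advisory describes.
function renderHowYouMetUnescaped(introducer) {
  const href = `/people/${encodeURIComponent(introducer.id)}`;
  return `<div class="how-you-met">Introduced by <a href="${href}" title="${introducer.name}">${introducer.name}</a></div>`;
}

// Counts the characters that start a tag or close an attribute. For the safe
// template these numbers are fixed (4 tag openers, 6 double quotes) no matter
// what the name contains; any increase means user data became markup.
function markupCounts(html) {
  const count = (re) => (html.match(re) || []).length;
  return { tagOpeners: count(/</g), doubleQuotes: count(/"/g) };
}

// Constructed sample: a name carrying every metacharacter but no payload.
const SAMPLE_INTRODUCER = { id: 42, name: 'Jane "Quotes" <Doe> & O\'Brien' };

if (typeof require !== 'undefined' && require.main === module) {
  console.log(renderHowYouMet(SAMPLE_INTRODUCER));
  console.log(markupCounts(renderHowYouMet(SAMPLE_INTRODUCER)));
  console.log(markupCounts(renderHowYouMetUnescaped(SAMPLE_INTRODUCER)));
}
```

Encoding belongs at the output stage rather than on input: the same name is printed in several places (the advisory notes that every name field is affected), and each template context needs the encoding that fits it. The escaper above only protects quoted attributes; a template that emits an unquoted attribute value would still need the value quoted before escaping helps.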
File snapshot

[4.0K] /data/pocs/e29e5a2cd37983714ac5ad3bc0f0a468b6b60b5d
└── [1.5K] README.md

0 directories, 1 file
Notes
    1. It is recommended to access the PoC through the source link first.
    2. If the source is no longer available or cannot be reached, email f.jinxu#gmail.com to request the local snapshot (replace # with @).
    3. The PoC code has been snapshotted; to support long-term maintenance, please consider paying for the local PoC copy. Thank you for your support.