Stored XSS in Playlist Name Parameter Under Playlists Tab [#20451]

Get answers about the current version of MediaMonkey 5

Moderator: Gurus

Mayur
Posts: 4
Joined: Thu Nov 30, 2023 10:04 am

Stored XSS in Playlist Name Parameter Under Playlists Tab [#20451]

Post by Mayur »

Description:

We observed that Cross-site scripting vulnerabilities occur when user-supplied input is not properly validated & output is not properly escaped for the below vulnerable parameter.
In this observation, the attacker added the malicious script as payload in the Playlist Name field while creating the new Playlist which resulted in the execution of a Stored XSS attack.

RISK FACTOR: High

Affected Component: Playlist Name parameter.

Steps to reproduce:

1) Open the monkey media app and enter into the Playlist tab. While creating the new playlist, under the name filed add this {asdf"><img src=x onerror=alert(1)>} XSS playload and save it.

2) You will observe that the stored XSS attack got executed.
Mayur
Posts: 4
Joined: Thu Nov 30, 2023 10:04 am

Stored XSS in Playlist Name Parameter Under Playlists Tab.

Post by Mayur »

Description:

We observed that Cross-site scripting vulnerabilities occur when user-supplied input is not properly validated & output is not properly escaped for the below vulnerable parameter.
In this observation, the attacker added the malicious script as payload in the Playlist Name field while creating the new Playlist which resulted in the execution of a Stored XSS attack.

RISK FACTOR: High

Affected Component: Folder Name parameter.

Steps to reproduce:

1) Open the monkey media app and enter into the Devices & Services tab.

2) While creating the new Storage and Services, select Local Storage(folder), and under that select Network and change any network name.

3) Under the name filed add this {asdf"><img src=x onerror=alert(1)>} XSS payload and save it, you will observe that the stored XSS attack got executed.

4) While deleting that same edited folder you will observe another error based Stored XSS.
Ludek
Posts: 4918
Joined: Fri Mar 09, 2007 9:00 am

Re: Stored XSS in Playlist Name Parameter Under Playlists Tab.

Post by Ludek »

Hi,
thanks for reporting!
Fixed as https://www.ventismedia.com/mantis/view.php?id=20451
Mayur
Posts: 4
Joined: Thu Nov 30, 2023 10:04 am

Re: Stored XSS in Playlist Name Parameter Under Playlists Tab [#20451]

Post by Mayur »

Hi Ludek,

This issue is different, it comes under the Devices & Services tab and I don't have access to this link that you have given please give me access and please let me know about the CVE.

Thanks,
Mayur
Mayur
Posts: 4
Joined: Thu Nov 30, 2023 10:04 am

Reflected XSS under Home page Search filed

Post by Mayur »

Description:

We observed that Cross-site scripting vulnerabilities occur when user-supplied input is not properly validated & output is not properly escaped for the below vulnerable parameter.
In this observation, the attacker added the malicious script as a payload in the Search field while searching which resulted in the execution of a Reflected XSS attack.

RISK FACTOR: High

Affected Component: Search parameter.

Steps to reproduce:

1) Open the monkey media app, on the right-hand side you will able to see the search field add this {asdf"><img src=x onerror=alert(1)>} XSS payload and click search

2) You will observe that the Reflected XSS attack got executed.
Peke
Posts: 17415
Joined: Tue Jun 10, 2003 7:21 pm
Location: Earth
Contact:

Re: Reflected XSS under Home page Search filed

Post by Peke »

Hi,
thanks for reporting!
Fixed as https://www.ventismedia.com/mantis/view.php?id=20451
Best regards,
Peke
MediaMonkey Team lead QA/Tech Support guru
Admin of Free MediaMonkey addon Site HappyMonkeying
Image
Image
Image
How to attach PICTURE/SCREENSHOTS to forum posts
Post Reply