CVE-2023-49453
Product detail
A reflected Cross-Site Scripting (XSS) vulnerability in Racktables version <= 0.22.0, located in the 'search' component at '/index.php?page=search', allows an attacker to capture a victim's cookies, because the search term is reflected into the page and the session cookie is not protected by the HttpOnly flag.
Prerequisite
Install Racktables from the official Racktables GitHub repository.
GitHub page
Racktables repository
The latest Racktables release is 0.22.0.
Installed Racktables version: 0.22.0.
Exploitation
1. Submit a search whose term contains an XSS payload that reads the cookie; this works because the session cookie is not set with the HttpOnly flag, so page script can read it.
2. Obtain the victim's session cookie.
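The two conditions the advisory relies on, a search term reflected without output encoding and a session cookie issued without HttpOnly, shown beside their fixes as an added PHP example (not Racktables' own code; the function names and the sample input are constructed):

```php
<?php
// Added example, not Racktables code: vulnerable pattern beside the fix.

// --- Vulnerable pattern: raw reflection of the search term ---
function render_search_vulnerable(string $term): string {
    // Any markup in $term becomes part of the page.
    return "<p>Results for: " . $term . "</p>";
}

// --- Hardened pattern: encode for the HTML text context ---
function render_search_safe(string $term): string {
    // ENT_QUOTES also encodes ' and ", so the term cannot break out of
    // an attribute if the template is later changed to use one.
    $safe = htmlspecialchars($term, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<p>Results for: " . $safe . "</p>";
}

// --- Session cookie hardening: call this instead of a bare session_start() ---
function start_hardened_session(): void {
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,   // only sent over HTTPS
        'httponly' => true,   // not readable from document.cookie
        'samesite' => 'Lax',  // not sent on cross-site POSTs
    ]);
    session_start();
}

// --- Check: does a Set-Cookie header (e.g. from curl -I) carry HttpOnly? ---
function cookie_header_has_httponly(string $setCookie): bool {
    foreach (explode(';', $setCookie) as $attr) {
        if (strcasecmp(trim($attr), 'HttpOnly') === 0) {
            return true;
        }
    }
    return false;
}

// Self-check on constructed input (ordinary markup, not a payload).
$input = '<b>term</b> & "quotes"';
assert(strpos(render_search_safe($input), '<b>') === false);
assert(cookie_header_has_httponly('PHPSESSID=abc; Path=/; HttpOnly') === true);
assert(cookie_header_has_httponly('PHPSESSID=abc; Path=/') === false);
echo render_search_safe($input), PHP_EOL;
```

A header check like cookie_header_has_httponly() is what a defender would run against the installed instance to confirm the flag is present after the fix.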