Hi Team,
I hope you are doing well.
I found an XSS/HTML Injection Via Comments in Deck Cards.
Vulnerability Name :- XSS/HTML Injection Via Comments in Deck Cards
Vulnerability Description :- Hi Team, I found an XSS/HTML Injection Via Comments in Deck Cards, which leads to one-time malicious script execution.
I performed my Testing on Localhost Latest version of Nextcloud 27.0.0.8.
{F2481183}
Steps to Reproduce :-
1. Set up the Nextcloud instance locally.
2. After setting up locally -> login.
3. After that go to Deck -> Create Cards -> Click on that card -> Go to comments.
4. Enter this payload in comments :- <a href="http://██████/dangling_markup/name.html"><font size="100" color="red">You must click me</font></a><base target="
5. You can also use this -> <a href=http://███████/dangling_markup/name.html><font size=100 color=blue>You Hacked by BhaRat</font></a><base target="
6. Put this script in comments and click and send and Boom! You see the one-time execution.
7. An attacker can easily find a way to make it persistent or execute their malicious script once.
POC Attached
If you need further info I am here to help you.
Thanks and Regards,
BhaRat
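
For readers triaging this report: an added example, not part of the report and not Nextcloud's code, of the usual server- or client-side mitigation for comment fields, output-encoding the comment before it reaches HTML, together with a heuristic check for the unterminated attribute that the `<base target="` tail of the payload leaves open. The function names, the sample comment and the host `example.invalid` (standing in for the redacted host) are assumptions.

```javascript
// Added example (not Nextcloud code). SAMPLE_COMMENT is constructed from the
// report's payload; example.invalid stands in for the redacted host.
const SAMPLE_COMMENT =
  '<a href="http://example.invalid/dangling_markup/name.html">' +
  '<font size="100" color="red">You must click me</font></a><base target="';

const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Encode every HTML-significant character so the comment renders as text.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Heuristic: walk the input like a minimal tag scanner and report whether it
// ends inside a quoted attribute value. Markup that ends this way swallows
// whatever the page prints after the comment.
function hasDanglingAttribute(text) {
  let inTag = false;
  let quote = null;
  for (let i = 0; i < text.length; i++) {
    const ch = text[i];
    if (quote) {
      if (ch === quote) quote = null;            // attribute value closed
    } else if (inTag) {
      if (ch === '"' || ch === "'") quote = ch;  // attribute value opened
      else if (ch === ">") inTag = false;        // tag closed normally
    } else if (ch === "<" && /[A-Za-z\/]/.test(text[i + 1] || "")) {
      inTag = true;                              // "<" followed by a tag name
    }
  }
  return quote !== null;
}

// Escaping is the control; the flag is only a signal for logging or review.
function renderComment(text) {
  return { html: escapeHtml(text), danglingMarkup: hasDanglingAttribute(text) };
}
```

The escaped `html` is safe to place in element content; the `danglingMarkup` flag does not replace escaping and will miss markup that is dangerous for other reasons.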