Security researcher Vedachala has discovered a POST-based cross-site scripting (XSS) vulnerability in the website of Defencely, a company that provides web application penetration testing services.
The main page of Defencely allows users to enter their website address to get a security report. The form takes the input and passes the website address as the "website_url" parameter to "Defencely.com/report_submit.php".
"If a web application is getting user's input, it is always better to double check and make sure the parameter is sanitized."
Veda has identified that the "website_url" parameter is not sanitized and is vulnerable to POST-request-based XSS. He successfully managed to get the injected script executed.
In one of the Facebook groups related to security, the researcher provided the proof of concept (you can also find the details at pastebin.com/9JeJ1HK6). We have successfully verified the vulnerability. At the time of writing, the website is still vulnerable.
*Update:
Another security researcher named QuisterTow has discovered one more XSS vulnerability in the Defencely website.
The researcher provided the following PoC on Pastebin (http://pastebin.com/yZzyezqG):
www.defencely.com/getstarted.php?id=Ij48aW1nIHNyYz14IG9uZXJyb3I9cHJvbXB0KCd4c3NlZCcpIC8+&price=OTk=&plan=c3RhcnRlcg==
At the time of writing, we are still able to reproduce the vulnerability.
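The query values in the PoC URL are base64-encoded ("price" and "plan" decode to "99" and "starter", while "id" decodes to HTML markup), so any check has to run on the decoded text and the result has to be HTML-encoded wherever it is written into the page. The PHP below is an added example of that handling, not code from Defencely or from either researcher; the helper names and the allowed value formats (numeric id and price, lowercase plan name) are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers; none of these names come from the Defencely code base.
/** HTML-encode a value for element text or a quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Accept only absolute http(s) URLs for the "website_url" form field. */
function clean_website_url(string $raw): ?string
{
    $url = trim($raw);
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $url : null;
}

/** Decode a base64 query value, then match the decoded text against an allowlist. */
function decode_param(string $b64, string $pattern): ?string
{
    $decoded = base64_decode($b64, true); // strict mode: false on invalid input
    return ($decoded !== false && preg_match($pattern, $decoded) === 1) ? $decoded : null;
}

// Constructed requests; the second "id" is the value from the PoC URL.
$requests = [
    ['id' => 'MTIz', 'price' => 'OTk=', 'plan' => 'c3RhcnRlcg=='],
    ['id' => 'Ij48aW1nIHNyYz14IG9uZXJyb3I9cHJvbXB0KCd4c3NlZCcpIC8+',
     'price' => 'OTk=', 'plan' => 'c3RhcnRlcg=='],
];
foreach ($requests as $q) {
    $id    = decode_param($q['id'], '/\A\d{1,10}\z/');      // assumed format
    $price = decode_param($q['price'], '/\A\d{1,6}\z/');    // assumed format
    $plan  = decode_param($q['plan'], '/\A[a-z]{1,20}\z/'); // assumed format
    if ($id === null || $price === null || $plan === null) {
        echo "400 Bad Request\n"; // rejected before anything is rendered
        continue;
    }
    // Encode at output even after validation passes.
    echo '<input type="hidden" name="plan" value="' . h($plan) . '">', "\n";
}

// website_url: validation narrows the input, h() is what neutralises markup.
$site = clean_website_url('http://example.com/?q=a&b=1'); // constructed input
echo $site === null ? "invalid URL\n" : '<p>Report for ' . h($site) . "</p>\n";
```

`FILTER_VALIDATE_URL` checks URL syntax only and can pass strings that still contain markup characters, which is why the encoding step is applied to every value regardless of the validation result.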