Overview
SiCKRAGE versions 4.2.0 to 10.0.11.dev1 are vulnerable to stored Cross-Site Scripting (XSS) because user input is not validated or sanitized properly when processed by the server. An attacker can therefore inject arbitrary JavaScript into pages served by the application and potentially steal a user's sensitive information, such as session cookies.
Details
The application `SiCKRAGE` is vulnerable to Cross-Site Scripting (XSS) because user input handled by several functions is stored and later rendered without sanitization. The issue can be triggered from inputs such as the `Post Processing Dir` field on the config/postProcessing/ endpoint, the `Black hole folder location` field on the config/search/ endpoint, and the `quicksearch` bar feature.
PoC Details
Within the SiCKRAGE site, go to the `config/search/` or `config/postProcessing/` endpoint. For the `config/search/` endpoint: under the `torrent-client` tab, inject the given payload into the `Black hole folder location` field and submit the form. Then navigate to the `logs/view/` endpoint and observe the payload being executed. For the `config/postProcessing/` endpoint: inject the given payload into the `Post Processing Dir` field and submit the form. Then navigate to the `home/serverstatus/` endpoint and observe the payload being executed.
PoC Code
<script>alert(document.cookie)</script>
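As an added illustration (not code from SiCKRAGE or from this advisory), the Python below contrasts the unsafe rendering pattern behind this class of bug with output-time escaping, and includes a small audit helper for checking an existing installation's stored settings for markup that has already been saved. The function names, the settings table and the log line are constructed for the example and are not SiCKRAGE's own.

```python
import html
from typing import Dict, List

# Constructed sample input: the payload from the advisory, as a user could
# save it in the "Post Processing Dir" or "Black hole folder location" field.
STORED_PAYLOAD = "<script>alert(document.cookie)</script>"

# Constructed settings table standing in for the persisted config values
# that later get rendered on pages such as home/serverstatus/ and logs/view/.
SAMPLE_SETTINGS: Dict[str, str] = {
    "Post Processing Dir": STORED_PAYLOAD,
    "Black hole folder location": "/downloads/blackhole",
}


def render_setting_vulnerable(label: str, value: str) -> str:
    """Vulnerable pattern: the stored value is interpolated into HTML as-is,
    so any markup a user saved in the field becomes part of the page."""
    return f"<tr><td>{label}</td><td>{value}</td></tr>"


def render_setting_hardened(label: str, value: str) -> str:
    """Hardened pattern: every untrusted value is HTML-escaped at output time.
    quote=True also escapes quote characters, which matters if the value is
    ever placed inside an attribute such as value="..."."""
    return (
        f"<tr><td>{html.escape(label, quote=True)}</td>"
        f"<td>{html.escape(value, quote=True)}</td></tr>"
    )


def render_log_view_hardened(log_lines: List[str]) -> str:
    """Log viewers echo configuration values back (the advisory's logs/view/
    case), so each line is escaped before being wrapped in <pre>."""
    body = "\n".join(html.escape(line, quote=True) for line in log_lines)
    return f"<pre>{body}</pre>"


def find_markup_in_settings(settings: Dict[str, str]) -> List[str]:
    """Audit helper for defenders: returns the names of stored settings whose
    value contains angle brackets, which a directory path does not need.
    This is a coarse triage signal for an existing installation, not proof
    of compromise; the real fix is escaping at output time."""
    return [name for name, value in settings.items() if "<" in value or ">" in value]


if __name__ == "__main__":
    print(render_setting_vulnerable("Post Processing Dir", STORED_PAYLOAD))
    print(render_setting_hardened("Post Processing Dir", STORED_PAYLOAD))
    # Constructed log line of the kind a post-processing run might emit.
    print(render_log_view_hardened([f"INFO::Processing folder {STORED_PAYLOAD}"]))
    print(find_markup_in_settings(SAMPLE_SETTINGS))
```

If the application's template engine autoescapes by default (Tornado's does, via `xhtml_escape`), a stored XSS like this usually comes from a `{% raw %}` block, from `autoescape=None`, or from building HTML strings by hand as `render_setting_vulnerable` does; escaping at the point of output, as in the hardened functions, closes all three, independently of what was accepted on input.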
Affected Environments
4.2.0-10.0.11.dev1
Prevention
Upgrade to version 10.0.11.dev2