Forum Discussion
Application penetration test reports an XSS vulnerability in SharePoint 2013
Hi All,
During pen testing of my SharePoint 2013 application, an XSS vulnerability was reported by the testing team.
Below are the steps to produce the vulnerability.
1.) Log in with Admin rights
2.) Navigate to Home Page > Edit > Edit Source. Enter the following payload: scRipt/--!>\x3csVg/<svg
onload="alert(document.cookie)//">\x3e</svg> and observe the popup in the response
The recommendation from the team is:
The testing team could not conclude definitively if the vulnerability is triggered by custom code or is part of a default SharePoint component behavior. That is why it is recommended that the development team reviews the finding and verifies if this is the result of custom code. If not, it is recommended that the SharePoint component settings are reviewed and, if need be, restrict the HTML input into the link Title field.
Can we restrict the HTML input as suggested above, or is there any other way to restrict the XSS vulnerability?
Any help is appreciated.
Thanks in advance.
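
Added example, not part of the original post and not SharePoint's own code: one way custom code could treat a link Title field as plain text, validating it on input and HTML-encoding it on output, checked against the payload quoted above. The function names, the 255-character limit and the `link-title` class are assumptions made for illustration.

```javascript
// Added example: names and limits here are assumptions, not SharePoint APIs.
const MAX_TITLE_LENGTH = 255; // assumed limit for a link title

// Payload as quoted in the post (its line break shown as a space). String.raw
// keeps \x3c and \x3e as literal text, exactly as they appear on the page.
const REPORTED_PAYLOAD =
  String.raw`scRipt/--!>\x3csVg/<svg onload="alert(document.cookie)//">\x3e</svg>`;

// Input side: accept the title only if it is plain text.
function validateLinkTitle(raw) {
  if (typeof raw !== "string") return { ok: false, reason: "not a string" };
  // NFKC folds look-alikes (e.g. fullwidth U+FF1C) into "<" before checking.
  const title = raw.normalize("NFKC").trim();
  if (title.length === 0) return { ok: false, reason: "empty" };
  if (title.length > MAX_TITLE_LENGTH) return { ok: false, reason: "too long" };
  if (/[\u0000-\u001f\u007f]/.test(title)) {
    return { ok: false, reason: "control character" };
  }
  if (/[<>]/.test(title)) return { ok: false, reason: "markup character" };
  return { ok: true, value: title };
}

// Output side: encode for HTML text and quoted-attribute contexts.
const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

function encodeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Rendering always encodes, so a title stored before the validation
// existed is still displayed as inert text rather than parsed as markup.
function renderLinkTitle(storedTitle) {
  return `<span class="link-title">${encodeHtml(storedTitle)}</span>`;
}
```

Validation and encoding are kept separate on purpose: the first keeps markup out of stored titles, the second keeps any title that slipped through from being interpreted by the browser.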