invisible-recaptcha
CWE-79 - Reflected Cross-Site Scripting vulnerability at /InvisibleRecaptcha.php
Hey, I'd like to request you to issue a CVE for this pull request.
Summary
As I'm doing security research during my bug bounty activities, I stumbled upon an issue with a client that uses invisible-recaptcha.
Specifically speaking, the issue is within the "ac" parameter.
As I discovered the vulnerability during my black-box approach, I decided to report it in this repo and to see the white-box root cause of the matter.
The url of my proof of concept looked like the following:
invisibleRecaptcha?sitekey=XXXXXX&lang=XX&label=XXX&ac=</script><a%20href=javascript:alert(document.domain)>hi</a>
The payload I used was to escape the JavaScript context that the input was injected into and insert my own Cross-Site Scripting code.
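An added example, not code from the invisible-recaptcha repository: it contrasts reflecting a request value into an inline script by concatenation with encoding it for the JavaScript context, using the "ac" value from the proof of concept as input. The function names and the shape of the inline script are assumptions, since the report does not show the affected source.

```php
<?php
declare(strict_types=1);

// Hypothetical sink: a query parameter reflected into an inline script block.
function render_unsafe(string $ac): string
{
    // The HTML parser ends the script element at the first "</script>",
    // regardless of JavaScript string quoting, so quoting alone is no defence.
    return "<script>var ac = '" . $ac . "';</script>";
}

// Hardened form of the same (assumed) sink.
function render_safe(string $ac): string
{
    // JSON_HEX_* flags emit <, >, &, ' and " as \u00XX escapes, so the value
    // stays a JavaScript string literal and cannot close the script element.
    // JSON_THROW_ON_ERROR rejects invalid UTF-8 instead of returning false.
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
           | JSON_THROW_ON_ERROR;
    return '<script>var ac = ' . json_encode($ac, $flags) . ';</script>';
}

// Constructed input: the "ac" value from the proof-of-concept URL, URL-decoded.
$ac = '</script><a href=javascript:alert(document.domain)>hi</a>';

foreach (['render_unsafe', 'render_safe'] as $fn) {
    $html = $fn($ac);
    // A correctly contained value leaves exactly one closing script tag
    // (the template's own); more than one means the input left its context.
    $closes = substr_count(strtolower($html), '</script');
    printf("%-13s closes=%d %s\n", $fn, $closes,
        $closes === 1 ? 'contained' : 'broke out of script context');
}
```

If the parameter has a known format, validating it against an allow-list before output and serving the page with a Content-Security-Policy that disallows inline script add further layers on top of the encoding.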