CVE-2022-32159

Overview

In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS.

Details

In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS where
a malicious user can save a malicious script while creating a new book.
When the victim user navigates to recent community edits and edit the book XSS will be triggered.

PoC Details

1. Login to the application with an admin user. (usually the URL will be: http://localhost:8080/)
2. Navigate to “More” options and click on “Add a Book”. Then fill up all the input fields and create a book.
3. Navigate to “work details” and insert the XSS payload in the text editor ("How would you describe this book") and click on save.
4. Navigate to private window and login with admin privileged user credentials .
5. Navigate to “Recent community edits” from more section and click on the recent post.
6. Now click on “Edit” and XSS will be triggered when the work details page will be displayed.

PoC Code

<img src=1 onerror=prompt(document.cookie)>

Affected Environments

openlibrary versions deploy-2016-07-0 through deploy-2021-12-22

Prevention

Upgrade to openlibrary version deploy-2022-06-09