CVE Identification and Details

Reproduction of the Attack

The following steps were used to identify and confirm the reflected XSS vulnerability in the height and width parameters of the GET request to the affected endpoint. The testing was conducted using Burp Suite.

Step 1: Crafting the URL with XSS Payloads

  1. Description: A request was crafted by adding the height and width parameters to the URL with the XSS payload: X';alert('X');'.
  2. Payload in URL:

XSS-11-22-Burp.png

Figure 1: The request made by adding XSS payloads to the height and width parameters.

Step 2: XSS in width Parameter

  1. Description: The URL with the XSS payload in the width parameter was accessed.
  2. Observation: The XSS payload was reflected in the DOM, and the JavaScript alert (22) was triggered.

XSS-22.png

Figure 2: The alert appears when the XSS payload is injected into the width parameter.