Stored authenticated cross-site scripting exists in the in TastyIgniter v3.0.7 Restaurtant CMS System Logs section of the web application.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38699
- Execute reflective cross site scripting elsewhere in the web app (see https://github.com/HuskyHacks/CVE-2021-38699-Reflected-XSS).
- Navigate to the System Logs section
- XSS payload should trigger.
- Refresh the page.
- XSS payload should trigger.
August 2021
- Matt Kiely | HuskyHacks
- Justin White (https://github.com/Justin-1993/CVE-2021-38699 & https://pentesternotes.com/?p=209)