Content here will be expanded upon later; for now this serves as a quick description and write-up.
Dundas BI server has two stable release versions available for download by customers: Version 22.214.171.1249 and Version 126.96.36.1991. Both product versions contain persistent (stored) cross-site scripting (XSS) vulnerabilities in the same location.
- Preconditions: the user must be authenticated and have permission to create or edit a dashboard. Because the payload is stored in the dashboard, it runs in the browser of every user who later views it.
- In the dashboard editing screen, click Components and select "HTML Label".
- Insert the markup. PoC: <script>alert('XSS')</script>.
The same vulnerabilities exist within the latest deployment of Dundas.
Button action XSS
- Click Components and add a button.
- Select the button.
- Click Properties and select Click (or another action such as "Double Click", "Hover", etc.).
- Insert the script and click "Build".
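Both injection points above, the HTML Label body and the button action script, come from the same design problem: input from a dashboard editor is treated as code that runs for every viewer. The following JavaScript is an added example, not Dundas BI code and not from this write-up; it shows each pattern in a vulnerable form beside a hardened form and runs under Node without a DOM. The function names, tag and attribute allowlists, registered action names and parameter shapes are all assumptions for illustration.

```javascript
// Added example (not Dundas BI code): the two injection points from the write-up,
// the HTML Label body and the button action script, each as the vulnerable pattern
// beside a hardened one. Runs under Node without a DOM; the functions return the
// markup or handler a real component would hand to the browser.

// ---- 1. HTML Label: stored markup rendered for every viewer -----------------

// Vulnerable: whatever the dashboard editor typed is emitted verbatim, so a stored
// <script> element or on* attribute runs in every viewer's session.
function renderLabelUnsafe(userHtml) {
  return `<div class="label">${userHtml}</div>`;
}

// Allowlists are assumptions for this example; a real product would tune them.
const ALLOWED_TAGS = new Set(["b", "i", "u", "em", "strong", "p", "br", "span"]);
const ALLOWED_ATTRS = new Set(["class", "title"]); // no on*, href, src, style

function escapeText(s) {
  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;")
          .replace(/>/g, "&gt;").replace(/"/g, "&quot;");
}

// Allowlist sanitizer: walks the tags, keeps only listed tags with listed
// attributes, and escapes all remaining text. The body of a dropped
// <script>/<style> element is discarded rather than re-emitted as text.
function sanitizeHtml(input) {
  const tagRe = /<(\/?)([a-zA-Z][a-zA-Z0-9-]*)\b([^>]*)>/g;
  const attrRe = /([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let out = "", last = 0, inRawText = false, m;
  while ((m = tagRe.exec(input)) !== null) {
    if (!inRawText) out += escapeText(input.slice(last, m.index));
    last = tagRe.lastIndex;
    const isClose = m[1] === "/";
    const name = m[2].toLowerCase();
    if (name === "script" || name === "style") { inRawText = !isClose; continue; }
    if (inRawText || !ALLOWED_TAGS.has(name)) continue; // drop the tag, keep its text
    if (isClose) { out += `</${name}>`; continue; }
    let attrs = "", a;
    while ((a = attrRe.exec(m[3])) !== null) {
      const attrName = a[1].toLowerCase();
      const value = a[2] ?? a[3] ?? a[4] ?? "";
      if (ALLOWED_ATTRS.has(attrName)) attrs += ` ${attrName}="${escapeText(value)}"`;
    }
    out += `<${name}${attrs}>`;
  }
  if (!inRawText) out += escapeText(input.slice(last));
  return out;
}

function renderLabel(userHtml) {
  return `<div class="label">${sanitizeHtml(userHtml)}</div>`;
}

// ---- 2. Button action: stored script compiled into a click handler ----------

// Vulnerable: the editor's "Click" script is compiled as-is, so it runs with the
// viewer's session (cookies, tokens, same-origin API access).
function buildClickHandlerUnsafe(storedScript) {
  return new Function(storedScript);
}

// Hardened: a stored action is data naming a registered handler. Only handlers in
// this registry can run, and each validates its own parameters. A Map (not a plain
// object) is used so names like "constructor" cannot reach the prototype chain.
const ACTION_REGISTRY = new Map([
  ["navigate", ({ target }) => {
    if (typeof target !== "string" || !/^\/dashboards\/[A-Za-z0-9_-]+$/.test(target)) {
      throw new Error("navigate: target must be an internal dashboard path");
    }
    return { type: "navigate", target };
  }],
  ["applyFilter", ({ field, value }) => {
    if (typeof field !== "string" || !/^[A-Za-z_][A-Za-z0-9_]*$/.test(field)) {
      throw new Error("applyFilter: invalid field name");
    }
    return { type: "applyFilter", field, value: String(value ?? "") };
  }],
]);

function buildClickHandler(storedAction) {
  const name = storedAction && storedAction.name;
  const handler = ACTION_REGISTRY.get(name);
  if (!handler) throw new Error(`unknown action: ${name}`);
  return () => handler(storedAction.params || {});
}
```

The regex tokenizer is there to make the allowlist idea concrete; in a product you would use a maintained sanitizer such as DOMPurify and back it with a Content Security Policy that forbids inline script. Note that this sanitizer re-escapes `&` in existing entities, which is safe but lossy. The action registry makes the button fix structural: the editor chooses an action and parameters, and no path exists from stored dashboard data to `new Function` or `eval`.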