web/armoured-notes
Exploiting prototype pollution in combination with Cross-Site Scripting (XSS) through the recently discovered CVE-2023-49293 vulnerability can result in stealing admin bot cookies.
Basic overview
We have a login page.
After checking the server's login logic, we see that the request body is passed to the duplicate function. Let's check it.
The purpose of this duplicate function is to create a shallow copy of the input object (body) while excluding the property "isAdmin" from the copy.
When creating a copy of an existing object in JavaScript, there is a possibility of encountering prototype pollution vulnerabilities.
When sending this request, we can add isAdmin in __proto__ to get access.
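The copy pattern described above, as an added example that is not the challenge's source: it shows why filtering only the "isAdmin" key fails, next to a null-prototype copy and an own-property check that close the gap. The names duplicateUnsafe, duplicateSafe and isAdmin, and the request fields uname and pass, are hypothetical.

```javascript
// Added example: hypothetical reconstruction, not the challenge's code.
const BLOCKED = new Set(["__proto__", "constructor", "prototype", "isAdmin"]);

// Vulnerable shape: shallow copy that filters only the "isAdmin" key.
function duplicateUnsafe(body) {
  const copy = {};
  for (const key of Object.keys(body)) {
    if (key !== "isAdmin") {
      copy[key] = body[key]; // key "__proto__" hits the prototype setter
    }
  }
  return copy;
}

// Hardened: null-prototype target plus a deny-list of prototype keys.
function duplicateSafe(body) {
  const copy = Object.create(null);
  for (const key of Object.keys(body)) {
    if (!BLOCKED.has(key)) {
      copy[key] = body[key];
    }
  }
  return copy;
}

// Authorization check that trusts only an own, strictly-true property.
function isAdmin(obj) {
  return Object.prototype.hasOwnProperty.call(obj, "isAdmin") &&
    obj.isAdmin === true;
}

// Constructed request body; JSON.parse makes "__proto__" an own property.
const body = JSON.parse(
  '{"uname":"guest","pass":"x","__proto__":{"isAdmin":true}}'
);

function demo() {
  const unsafe = duplicateUnsafe(body);
  const safe = duplicateSafe(body);
  return {
    unsafeInherited: unsafe.isAdmin === true, // inherited via swapped prototype
    unsafeOwnCheck: isAdmin(unsafe),          // own-property check rejects it
    safeInherited: safe.isAdmin === true,     // nothing inherited on safe copy
    globalPolluted: ({}).isAdmin === true,    // Object.prototype is untouched
  };
}
console.log(demo());
```

A plain `if (copy.isAdmin)` check is what makes the unsafe copy exploitable; the own-property check rejects the inherited value even when the copy routine is left unchanged.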
We can go to /post/658046ca99d634eec4c73704 to edit our payload.
After researching for a while, I found there was a CVE in Vite.
Decoding the base64-encoded cookie.