Html injection in Send email to recipient

Disclosed by
rynexx
  • Program Undisclosed
  • Disclosed date over 1 year ago
  • Priority P4 Bugcrowd's VRT priority rating
  • Status Resolved This vulnerability has been accepted and fixed
Summary by customer

We are working on a complete fix.

Summary by rynexx

Can we disclose?

Report details

  • Submitted

  • Target Location

    https://withpersona.com

  • Target category

    Web App

  • VRT

    Server-Side Injection > Content Spoofing > Email HTML Injection

  • Priority

    P4
  • Bug URL
    https://app.withpersona.com/
  • Description

    Hi team ,
    I found a vulnerability on https://app.withpersona.com/

    Steps to reproduce :

    • Navigate to https://app.withpersona.com-Inquiries-all quiries

    • Click on create inquiry

    • Enable Send email to recipient-again click on create quiry

    • Input victims email & all other information

    • In body input this payload & send Screenshot%20from%202022-04-07%2013-35-01.png

    payload :
    <a href=google.com>click</a>
    <img src="https://wallpapercave.com/wp/wp1836582.jpg">

    • Open victims email -as you can see html injected Screenshot%20from%202022-04-07%2013-41-21.png

    Impact : html injection

    Watch the video poc for better understanding : ![simplescreenrecorder-2022-04-07_13.32.28.mkv](https://bugcrowd.com/persona-bb/submissions/bf516ee1f46098e1f4bdeffb000b7953f590c3a7a24c0544c12eaacef4bcbf59/attachments/c3fec00e-5a7b-4579-b430-7f2ddbeb19cc "simplescreenrecorder-2022-04-07_13.32.28.mkv")

Activity