Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

2021-05-24 19:33

An easy-to-exploit bug impacting the WordPress plugin ReDi Restaurant Reservation allows unauthenticated attackers to pilfer reservation data and customer personal identifiable information by simply submitting a malicious snippet of JavaScript code into the reservation comment field.

The bug affects ReDi Restaurant Reservation versions prior to 21.0307, with a patched version of the plugin available for download. The vulnerability is a persistent cross-site scripting bug.

A public proof-of-concept disclosure of the ReDi bug was released Sunday with the official public disclosure delayed a month "Due to the severity of the vulnerability," according to Bastijn Ouwendijk, credited for finding the bug.

A fix was available on April 25."[The bug] makes it possible for malicious attackers to, for example, steal the plugin API-key and potentially steal information about customers that made reservations, steal cookies or other sensitive data," according Ouwendijk in a technical breakdown and proof of concept of the bug posted Sunday.

A review of the ReDi Restaurant Reservation plugin bug shows how an adversary can launch an attack simply by using a JavaScript payload - one that has fewer than 250 characters - to exploit the XSS bug.

"How does this vulnerability work? The plugin provides users the functionality to book a reservation for the restaurant. A user just has to visit the reservation page," the researcher explained.

News URL

https://threatpost.com/reservation-system-easy-to-exploit-xss-bug/166414/

#exploit #XSS