https://bitcastle.io/en
A reflected Cross-Site Scripting (XSS) vulnerability exists on the kyc.bitcastle.io domain. The redirect parameter is not properly sanitized: a javascript: URI survives the filter when a tab character (%09) is inserted into the scheme, because browsers strip tabs before interpreting the URL. When a user clicks the "Later" button, or logs in and uploads an ID file, the injected JavaScript executes in the user's browser, exposing sensitive information such as cookies.
Steps to Reproduce

1. Navigate to the following URL: https://kyc.bitcastle.io/?redirect=javascri%09pt:alert(docu%09ment.cookie)
2. Click on the "Later" button.
3. Observe the XSS payload execution as an alert displaying the user's cookie.
Additionally:

1. Log in to your account on the platform.
2. To upload KYC documents, go to the following link, or reach it from bitcastle.io: https://kyc.bitcastle.io/?redirect=javascri%09pt:alert(docu%09ment.cookie)
3. Upload an image; the XSS alert will appear.
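The filter is bypassed because browsers strip ASCII tab, LF and CR from a URL before reading its scheme, so a check for the literal string "javascript:" never sees "javascri\tpt:". The following is an added example of a redirect validator that is not code from bitcastle's application; it normalizes the parameter the way a browser would, then allows only relative paths and https URLs on an assumed allow-list of hosts (here kyc.bitcastle.io, taken from the report, as the assumed origin).

```python
import re
from urllib.parse import urlsplit, unquote

# Assumed for this example: the only host the redirect may point at.
ALLOWED_HOSTS = {"kyc.bitcastle.io"}

# Browsers remove ASCII tab, LF and CR anywhere in a URL before parsing
# (WHATWG URL spec), so "javascri\tpt:" becomes "javascript:".
_STRIPPED = re.compile(r"[\t\n\r]")


def normalize_redirect(raw: str) -> str:
    """Apply the same pre-processing a browser does before scheme detection."""
    value = raw
    # The parameter may arrive percent-encoded (e.g. %09); decode repeatedly
    # so that double encoding (%2509) cannot hide control characters.
    for _ in range(3):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return _STRIPPED.sub("", value).strip()


def is_safe_redirect(raw: str) -> bool:
    """Accept only same-site relative paths or https URLs to allowed hosts."""
    target = normalize_redirect(raw)
    if not target:
        return False
    parts = urlsplit(target)
    if parts.scheme == "" and parts.netloc == "":
        # Relative path: a single leading slash only. "//host" is
        # protocol-relative and "/\host" is treated as such by browsers.
        return target.startswith("/") and not target.startswith(("//", "/\\"))
    # Any other scheme (javascript:, data:, vbscript:, http:) is rejected,
    # as is https to a host outside the allow-list.
    return parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS


def safe_redirect(raw: str, fallback: str = "/") -> str:
    """Return the normalized target if safe, otherwise a fixed fallback."""
    return normalize_redirect(raw) if is_safe_redirect(raw) else fallback


if __name__ == "__main__":
    # Constructed sample: the exact parameter value from the report.
    print(safe_redirect("javascri%09pt:alert(docu%09ment.cookie)"))  # -> "/"
    print(safe_redirect("/kyc/upload"))  # -> "/kyc/upload"
```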
Impact

This vulnerability can allow attackers to:

- Steal session cookies, leading to account hijacking.
- Execute arbitrary JavaScript in the user's browser.
- Perform unauthorized actions on behalf of the victim.
PoC video: https://drive.google.com/file/d/1AuPasNzclCVNUJNccYD5BmE4Tjr5GFm2/view?usp=sharing