BugCrowd Bug Bounty Disclosure: P3 – RXSS at `https://skyview.gsfc.nasa.gov/current/cgi/vo/sia.pl` – GxbNt

RXSS at `https://skyview.gsfc.nasa.gov/current/cgi/vo/sia.pl`

Researcher: GxbNt
Engagement: National Aeronautics and Space Administration (NASA) – Vulnerability Disclosure Program
Disclosed at: 2025-06-16T16:23:48Z
Priority: P3
Status: Resolved

Summary

A reflected XSS vulnerability was identified in the NASA SkyView service at the following endpoint:

https://skyview.gsfc.nasa.gov/current/cgi/vo/sia.pl

The issue is present in the FORMAT parameter, which fails to properly sanitize user-supplied input. By injecting a crafted payload, arbitrary JavaScript can be executed in the context of the user’s browser. An example of a malicious request is shown below:

https://skyview.gsfc.nasa.gov/current/cgi/vo/sia.pl?survey=digitized&POS=99,10&SIZE=0.1&FORMAT=%22%3E%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20onload=%22alert(1)%22%3E%3C/svg%3E
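The root cause described above is a query parameter echoed into the HTML response without encoding. The following is an added illustration, not code from NASA's `sia.pl` (which is a Perl CGI): it puts an unsafe reflection next to the hardened version, which allow-lists FORMAT (the vocabulary below is an assumption, not SkyView's real list) and HTML-escapes anything that is still reflected, and feeds it the request from the report as a constructed test input.

```python
from html import escape
from urllib.parse import parse_qs, urlparse

# Assumed allow-list for the FORMAT parameter; SkyView's actual vocabulary is unknown here.
ALLOWED_FORMATS = {"image/fits", "image/png", "image/jpeg", "all", "metadata"}


def render_error_unsafe(param, value):
    """Vulnerable pattern: the raw parameter value is concatenated into HTML."""
    return f"<p>Unsupported {param} value: {value}</p>"


def render_error_safe(param, value):
    """Hardened pattern: every reflected fragment is HTML-escaped.

    quote=True also encodes " and ', so the value cannot close an attribute
    or tag even if a template later places it inside one.
    """
    return f"<p>Unsupported {escape(param, quote=True)} value: {escape(value, quote=True)}</p>"


def validate_format(value):
    """Return the canonical FORMAT value, or None if it is not allow-listed."""
    if value is None:
        return None
    candidate = value.strip().lower()
    return candidate if candidate in ALLOWED_FORMATS else None


def handle_request(url):
    """Parse the query string and return (status, body) for the FORMAT parameter."""
    params = parse_qs(urlparse(url).query, keep_blank_values=True)
    fmt = params.get("FORMAT", [""])[0]  # parse_qs already percent-decodes the value
    accepted = validate_format(fmt)
    if accepted is None:
        # Reject unknown values and only ever echo them through the escaping renderer.
        return 400, render_error_safe("FORMAT", fmt)
    return 200, f"<p>Serving {escape(accepted)} results</p>"


if __name__ == "__main__":
    # Constructed request built from the example in the report (host replaced).
    PAYLOAD_URL = (
        "https://example.invalid/sia.pl?survey=digitized&POS=99,10&SIZE=0.1"
        "&FORMAT=%22%3E%3Csvg%20onload=%22alert(1)%22%3E%3C/svg%3E"
    )
    print(handle_request(PAYLOAD_URL))
    print(handle_request("https://example.invalid/sia.pl?FORMAT=image/fits"))
```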

Activity Feed

| Actor | Details | Timestamp (UTC) |
| --- | --- | --- |
| Medx | sent a message | 2025-06-16T16:58:54Z |
| Martin_NASA | published | 2025-06-16T16:23:48Z |
| GxbNt | requested | 2025-06-13T02:32:39Z |
| flowereater-bc | changed the state to resolved | 2025-06-12T18:47:25Z |
| ZachFahoury | sent a message | 2025-06-11T15:19:45Z |
| Medx | sent a message | 2025-06-09T16:13:58Z |
| Martin_NASA | changed the state to unresolved | 2025-06-06T17:33:26Z |
| viper-bugcrowd | changed the state to triaged | 2025-06-06T13:00:51Z |
| viper-bugcrowd | sent a message | 2025-06-06T13:00:40Z |
| GxbNt | created the submission | 2025-06-06T11:24:50Z |
