60% of web applications are susceptible to XSS attacks, which ultimately account for more than 30% of all web application attacks.<\/strong><\/p>\n<\/blockquote>\n This clearly demonstrates why cybersecurity professionals have high concern when it comes to Cross-Site Scripting (XSS) vulnerabilities. Therefore, CSW researchers were able to find one such vulnerability in Microsoft Clarity version 0.3.<\/p>\n <\/p>\n The Microsoft Clarity version 0.3 is vulnerable to a Cross-Site Scripting vulnerability which allows arbitrary code to run in a web browser while the browser is connected to a user’s trusted site. An XSS attack is carried out every time a user changes the clarity configuration in Microsoft Clarity version 0.3 stored on the configuring project ID page.<\/p>\n This vulnerability has been categorized with a CWE of CWE-79 leading to Improper Neutralization of Input During Web Page Generation. It is notable that CWE-79 has been listed in OWASP Top 10:2021 under A03:2021 \u2013 Injection<\/a> and holds the second place in 2021 CWE Top 25 Most Dangerous Software Weaknesses.<\/a><\/p>\n \u00a0CVE Number<\/p>\n<\/td>\n \u00a0CVE-2021-33850<\/p>\n<\/td>\n<\/tr>\n \u00a0Product Name<\/p>\n<\/td>\n \u00a0Microsoft Clarity version 0.3 WordPress Plugin<\/p>\n<\/td>\n<\/tr>\n \u00a0Affected Version<\/p>\n<\/td>\n \u00a0Version 0.3<\/p>\n<\/td>\n<\/tr>\n \u00a0Severity<\/p>\n<\/td>\n \u00a0High<\/p>\n<\/td>\n<\/tr>\n \u00a0Vendor<\/p>\n<\/td>\n \u00a0Microsoft<\/p>\n<\/td>\n<\/tr>\n \u00a0CWE<\/p>\n<\/td>\n \u00a0CWE-79 (Improper Neutralization of Input During Web Page Generation)<\/p>\n<\/td>\n<\/tr>\n \u00a0CVSS Vector<\/p>\n<\/td>\n \u00a0CVSS:3.0\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:N\/I:H\/A:N<\/p>\n<\/td>\n<\/tr>\n \u00a0CVSS V3 Score<\/p>\n<\/td>\n \u00a04.9<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n The following vulnerability was detected in WordPress Microsoft Clarity Plugin version 0.3.<\/p>\n Issue:<\/strong> Cross-Site Scripting<\/p>\n Severity:<\/strong> Medium<\/p>\n Log in to the WordPress application.<\/p>\n<\/li>\n Install Microsoft Clarity plugin to your WordPress application.<\/p>\n<\/li>\n<\/ol>\n Figure 1: <\/strong>Microsoft Clarity Plugin Installation<\/p>\n Click on Settings, and the Clarity Setting page appears.<\/p>\n<\/li>\n<\/ol>\n Figure 2: <\/strong>Microsoft Clarity Settings Page<\/p>\n In the Clarity Settings page, enter the payload in the \u2018project ID\u2019 section (clarity_project_id parameter).<\/p>\n<\/li>\n<\/ol>\n Figure 3:<\/strong> Entering Encoded XSS Payload in the Project ID section<\/p>\n Injected XSS payload gets executed whenever the user changes the clarity configuration page.<\/p>\n<\/li>\n<\/ol>\n Figure 4:<\/strong> Injected XSS Payload Executed and Displays an Alert Box<\/p>\n An attacker can control a script executed in the victim’s browser and fully compromise the targeted user. In addition, an XSS vulnerability enables attacks that are contained within the application itself. There is no need to find an external way of inducing the victim to make a request containing their exploit. Instead, the attacker places the exploit inside the application itself and simply waits for users to encounter it, thus, resulting in the following\u2014<\/p>\n Stealing cookies,<\/p>\n<\/li>\n End-user files disclosure,<\/p>\n<\/li>\n Installation of Trojan horse programs,<\/p>\n<\/li>\n Redirection of the user to some other page or site.<\/p>\n<\/li>\n<\/ul>\n Perform context-sensitive encoding of untrusted input before it is echoed back to a browser by using the encoding library.<\/p>\n<\/li>\n Implement input validation for special characters on all the variables reflected in the browser and stored in the database.<\/p>\n<\/li>\n Implement client-side validation.<\/p>\n<\/li>\n<\/ol>\n Figure 5: <\/strong>Cross-Site Scripting Mitigation Setting in the wp.config File Prevents Cross-site Scripting Attacks<\/p>\n Cyber Security Works Pvt. Ltd.<\/p>\nDescription<\/h2>\n
Vulnerability at a Glance<\/h2>\n
\n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n Timeline<\/h2>\n
![\"\"](\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/blogs\/microoft-zero-day-infographics.png\")
<\/p>\nProof-of-Concept<\/h2>\n
\n
![](\"https:\/\/lh4.googleusercontent.com\/oVvVH2WdNyjo32M_OU50ScAEtyntbpwPtgh6nAsUWZkia2tU9B8EOUngDC2BDdpCTGblcNmj0m5Z_R-QJ5ub3k9hec6XqFmEfL8GHOlUv3Ve9Gwd4GuO0FGB2qPQkxVoFchqTwWd\")
\n
![](\"https:\/\/lh4.googleusercontent.com\/Z-iKeLa8grzN7n7pfarzqVPOh4ZU3g2vKnwf3VX3kIh2GcPVZAZiRr-Fl3p1lJN2d_OzMz3YaT9a-l9o16LRYCA7Si0mZ4azakMAvY1cDJUSWGKVBMMa3OtNmbzGCKyX4N6ViBGC\")
\n
![](\"https:\/\/lh6.googleusercontent.com\/aBSRYIV1QTxXXOAuAPgO24Ip2XQ4X05Uue6ZXWq9StV2kd_HumV0zlu1V0V_VrBverNA_PV_5cUgTEMwQLtoVu9FhkMkv-DKUuZ6pCm19wXr04j3ZgVNzo0Eh0P6YQFVzBrawlyl\")
\n
![](\"https:\/\/lh5.googleusercontent.com\/pvOFtfQDNy34Wnty47pcchxxdR22hzvt5q7SHIi73SqXo4RoPe0XeLPTO-5DaNwU2FmdPePE5BDFd9KcGWQGBXFoBdbkQcDULlnO8-3fNaP-EA4voSdVU0W0-OeiEi_KllVwKgEY\")
Impact<\/h2>\n
\n
Remediation<\/h2>\n
\n
![](\"https:\/\/lh3.googleusercontent.com\/xwFVTLvA0cTemKi7bfhz_p26i4xHQjk0XzLf3MLBC_KBBxnZ-rn2K1SQHyNpIyjYioRYkz8Qk6xSdu4Q2wnZiSB7LBhv9tyJH8AJP8R3WbuglLA7znJ4QkETdbnPzuNVSuqrM69b\")
Discovered by<\/h2>\n
Vendor Advisory<\/h2>\n