Open exponentcms opened 4 years ago
As a note, ticket #1179 referred to an XSS issue and we were unable to reproduce an XSS issue. Nonetheless, possible XSS vulnerabilities have been even more greatly reduced with a recent code update/patch. You are correct, Exponent CMS (like most CMSs in existence, such as WordPress) does not use API Tokens.
I am talking about CSRF, not XSS!
I will find the same issue, "CSRF", in your new CMS version, which is 2.3.1, and report it to you with a new ticket.
I reported a CSRF vulnerability here: http://exponentcms.lighthouseapp.com/projects/61783/tickets/1179-0-days-security-issues-in-your-lates-cms-every-part-is-vulnerable#ticket-1179-17
But your team was not able to understand the vulnerability and its impact, so I am reporting this issue to you again.
Here you will get all the details - https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
By using CSRF, an attacker can remotely trick a logged-in administrator to change his site title bar name, create a new page, create a post with an XSS payload. Kindly see the PoC video.
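
The thread above concerns state-changing admin requests that are accepted without a token. As an added example (not code from Exponent CMS or from either poster), this is a per-session synchronizer token check in plain PHP; the function names and the `csrf_token` field name are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers; none of these names come from Exponent CMS.

/** Create (once per session) and return the secret token for this session. */
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    }
    return $session['csrf_token'];
}

/** Hidden field to embed in every form that changes state. */
function csrf_field(array &$session): string
{
    $t = htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $t . '">';
}

/** True only if the request is allowed to reach a state-changing handler. */
function csrf_check(string $method, array $post, array $session): bool
{
    // GET/HEAD/OPTIONS pass through; handlers for them must not change state.
    if (in_array($method, ['GET', 'HEAD', 'OPTIONS'], true)) {
        return true;
    }
    $expected = $session['csrf_token'] ?? '';
    $sent = $post['csrf_token'] ?? '';
    // Reject missing, empty or non-string values, then compare in constant time.
    return is_string($sent) && is_string($expected) && $expected !== ''
        && hash_equals($expected, $sent);
}

// Constructed demo: $session stands in for $_SESSION, $post for $_POST.
$session = [];
$token = csrf_token($session);

// A form auto-submitted from another site carries the admin's cookie but no token.
$forged = ['title' => 'changed by another site'];
// A form rendered by the CMS itself includes the hidden field from csrf_field().
$genuine = ['title' => 'My site', 'csrf_token' => $token];

var_dump(csrf_check('POST', $forged, $session));
var_dump(csrf_check('POST', $genuine, $session));
```

The check only helps if every action that changes the title, pages or posts is reachable by POST alone and runs `csrf_check` before doing any work.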