Hi Team,
I have found a stored XSS; please take a moment to go through it.
Affected software:
No-CMS
Description:
No-CMS is a basic and "less-assumption" CMS with some default features such as user authorization (including third-party authentication), menu, module and theme management. It is fully customizable and extensible: you can make your own modules and your own themes. It provides the freedom to make your very own CMS, which is not provided very well by any other CMS.
No-CMS is prone to a persistent cross-site scripting attack that allows a malicious user to inject HTML or script that can access any cookies, session tokens, or other sensitive information retained by the admin's browser and used with that site, or can hijack the admin's browser.
Type of vulnerability:
XSS Persistent
URL:
https://github.com/goFrendiAsgard/No-CMS
Affected Parameter:
VG48Z5PqVWname
Proof of concept
Open /contact_us, i.e. http://127.0.0.38/contact_us
Put the XSS payload "><svg/onload=alert("XSS_By_Provensec")> in the "VG48Z5PqVWname" parameter.
Now log in to the admin account and open http://127.0.0.38/contact_us/manage_message
Open the message sent with the XSS payload (see Image2.png; the XSS payload is executed here).
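The root cause of the steps above is that a visitor-supplied field from the contact form is stored and later written into the admin's manage_message page without output encoding. The following is an added example, not code from No-CMS or from this report: it models the message listing as a Python list of dicts (an assumed structure), shows the vulnerable string concatenation beside the hardened version that HTML-escapes every untrusted field at render time, and includes a small check an admin could run over stored submissions to spot markup in fields that should be plain text. In the project's own PHP views the equivalent fix is htmlspecialchars() on each field before echo.

```python
import html

# Constructed sample data: one benign contact message and one whose "name"
# field carries the payload quoted in this advisory (the parameter name
# VG48Z5PqVWname is the form field; here it is stored under the key "name").
SAMPLE_MESSAGES = [
    {"name": "Alice", "email": "alice@example.com", "message": "Hello"},
    {
        "name": '"><svg/onload=alert("XSS_By_Provensec")>',
        "email": "visitor@example.com",
        "message": "test",
    },
]


def render_row_unsafe(msg):
    # Vulnerable pattern: untrusted stored fields are concatenated straight
    # into HTML, so any markup in them is parsed by the admin's browser.
    return (
        f'<tr><td>{msg["name"]}</td>'
        f'<td>{msg["email"]}</td>'
        f'<td>{msg["message"]}</td></tr>'
    )


def render_row_safe(msg):
    # Hardened pattern: every untrusted field is HTML-escaped at output time.
    # quote=True also encodes " and ', which matters when a value ends up
    # inside an attribute rather than element text.
    def esc(value):
        return html.escape(str(value), quote=True)

    return (
        f'<tr><td>{esc(msg["name"])}</td>'
        f'<td>{esc(msg["email"])}</td>'
        f'<td>{esc(msg["message"])}</td></tr>'
    )


def render_table(messages, row_fn):
    # Renders the whole admin listing with the chosen row renderer.
    return "<table>" + "".join(row_fn(m) for m in messages) + "</table>"


def looks_like_markup(value):
    # Simple review heuristic: plain-text contact fields have no reason to
    # contain angle brackets. This is a triage aid, not a substitute for
    # output encoding.
    return "<" in value or ">" in value


def flag_suspicious(messages):
    # Returns the indexes of stored messages that contain markup in any field.
    return [
        i for i, m in enumerate(messages)
        if any(looks_like_markup(str(v)) for v in m.values())
    ]


if __name__ == "__main__":
    print("unsafe:", render_table(SAMPLE_MESSAGES, render_row_unsafe))
    print("safe:  ", render_table(SAMPLE_MESSAGES, render_row_safe))
    print("suspicious message indexes:", flag_suspicious(SAMPLE_MESSAGES))
```

Escaping at output time is the fix that holds regardless of how the value reached the database; input filtering on the contact form is at best a second layer, since the same stored value may later be rendered in other views or exported.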
Reported by:
Subodh Kumar https://github.com/s-kustm/ https://www.linkedin.com/in/subodh-kumar-8a00b1125/