goFrendiAsgard / No-CMS

No-CMS, A CodeIgniter Based CMS Framework
299 stars 199 forks

Another Persistent XSS #187

Open s-kustm opened 6 years ago

s-kustm commented 6 years ago

Affected software:

No-CMS

Description:

No-CMS is a basic and "less-assumption" CMS with some default features such as user authorization (including third-party authentication), menu, module and theme management. It is fully customizable and extensible; you can make your own module and your own themes. It provides freedom to make your very own CMS, which is not provided very well by any other CMS.

Type of vulnerability:

XSS Persistent

URL:

https://github.com/goFrendiAsgard/No-CMS

Description:

No-CMS is prone to a Persistent Cross-Site Scripting attack that allows a malicious user to inject HTML or scripts that can access any cookies, session tokens, or other sensitive information retained by your browser and used with that site. An anonymous user can send the XSS payload through the contact form to the Administrator.

Affected Parameter:

VG48Z5PqVWcontent

Proof of concept

  1. Open URL /contact_us i.e. http://127.0.0.38/contact_us

  2. Put XSS payload "><svg/onload=alert("XSS_By_Subodh")> in the "VG48Z5PqVWcontent" parameter.

  3. Now, log in to the Admin account and open URL http://127.0.0.38/contact_us/manage_message

  4. Open the message sent with the XSS payload (see Image2.png; the XSS payload is executed here).

Reported by:

Subodh Kumar https://github.com/s-kustm/ https://www.linkedin.com/in/subodh-kumar-8a00b1125/
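
The fix class for the issue reported above, as an added example that is not part of the report and not No-CMS code: the stored contact message is HTML-encoded when the admin view renders it. The function names, the record layout and the attribute context (assumed because the reported payload starts with `">`) are assumptions.

```php
<?php
// Added example; function and field names are hypothetical, not No-CMS code.

// Constructed sample record. The content string is the one quoted in the report.
$message = [
    'name'    => 'anonymous',
    'content' => '"><svg/onload=alert("XSS_By_Subodh")>',
];

// Encode for HTML element and attribute contexts at output time.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE keeps invalid UTF-8
// from turning the whole value into an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable pattern: the stored value is concatenated into markup as-is.
function render_message_unsafe(array $m): string
{
    return '<input type="text" name="content" value="' . $m['content'] . '">';
}

// Hardened pattern: same markup, value encoded before it reaches the page.
function render_message_safe(array $m): string
{
    return '<input type="text" name="content" value="' . e($m['content']) . '">';
}

// True when the rendered markup contains a tag the template did not write.
function has_injected_tag(string $html): bool
{
    return preg_match('/<(?!input\b)[a-z]/i', $html) === 1;
}

$unsafe = render_message_unsafe($message);
$safe   = render_message_safe($message);

echo $unsafe, "\n";
echo $safe, "\n";
var_dump(has_injected_tag($unsafe));
var_dump(has_injected_tag($safe));
// The encoded value still decodes to exactly what the sender typed.
var_dump(html_entity_decode(e($message['content']), ENT_QUOTES, 'UTF-8') === $message['content']);
```

In CodeIgniter views, the framework's `html_escape()` helper applies the same `htmlspecialchars()` encoding.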

goFrendiAsgard commented 6 years ago

Thanks for your report :+1:

s-kustm commented 6 years ago

How long will you take to patch the vulnerability? Will you provide a CVE ID for this, or do I have to contact the CNA (CVE Numbering Authority - CVE MITRE)?

Thanks