this is Cross Site Scripting (XSS)

[able403]

I have found Cross Site Scripting (XSS) bug in subrion CMS version 4.2.1 in the Create Page functionality of the admin Account.

Steps to Reproduce:

just login as admin and clink this url https://demos.subrion.org/?demo=core&admin=1 As an admin Create test page In the Add a Page section go to the Page Content then clink “image” choose local file 123.svg to upload in url :https://demos.subrion.org/_core/admin/elfinder/?mode=image&CKEditor=contents%5Ben%5D&CKEditorFuncNum=1&langCode=en#elf_l1_Lw

the content of 123.svg： <?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<svg
onload="alert('xss attach')"
 xmlns="http://www.w3.org/2000/svg">
</svg>

copy the url of 123.svg then and a link to page content:

save the new page and open new page:http://localhost/123.html

Xss prompt box will pop up

Impact: Session cookies can be stolen , user can be redirected to phishing pages , browser of the user visiting this page can be controlled etc.

POC's have been uploaded.

[able403]

please let me know if you get the This vulnerability detail

[marrbhi]

Cross site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website. Attackers often initiate an XSS attack by sending a malicious link to a user and enticing the user to click it.

krnt.run myindigocard app