philippe / FrogCMS

Frog CMS simplifies content management by offering an elegant user interface, flexible templating per page, simple user management and permissions, as well as the tools necessary for file management.
GNU General Public License v3.0
160 stars 36 forks

Frog CMS 0.9.5 has XSS in /FrogCMS/admin/?/page/edit/1 body field #22

Open HLHai opened 5 years ago

HLHai commented 5 years ago

Frog CMS 0.9.5 has XSS in /FrogCMS/admin/?/page/edit/1 body field

1. Log in

2. Input exp: <img src=1 onerror=alert(/du/)>

3. Save and close

4. Open http://127.0.0.1/FrogCMS/index.php
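One way to neutralise the stored payload reported above is to run the page body through an allowlist sanitizer before it is saved or rendered. This is an added example, not code from Frog CMS or from the issue; `sanitize_page_body()`, `url_is_safe()` and both allowlists are hypothetical names and choices.

```php
<?php
// Added example, not Frog CMS code. Names and allowlists are hypothetical.
const ALLOWED_ATTRS = [              // tag => attributes that may be kept
    'p' => [], 'br' => [], 'b' => [], 'i' => [], 'em' => [], 'strong' => [],
    'ul' => [], 'ol' => [], 'li' => [], 'h2' => [], 'h3' => [], 'pre' => [],
    'a' => ['href', 'title'], 'img' => ['src', 'alt'],
];
const ALLOWED_SCHEMES = ['http', 'https', 'mailto'];

function url_is_safe(string $value): bool
{
    // Browsers ignore control characters and whitespace inside a scheme.
    $clean = preg_replace('/[\x00-\x20]+/', '', $value);
    $hasScheme = preg_match('/^([a-z][a-z0-9+.\-]*):/i', $clean, $m);
    return !$hasScheme || in_array(strtolower($m[1]), ALLOWED_SCHEMES, true);
}

function sanitize_page_body(string $html): string
{
    $doc = new DOMDocument();
    $prev = libxml_use_internal_errors(true);    // tolerate sloppy markup
    $doc->loadHTML('<?xml encoding="UTF-8"><body>' . $html . '</body>');
    libxml_clear_errors();
    libxml_use_internal_errors($prev);
    $body = $doc->getElementsByTagName('body')->item(0);
    if ($body === null) return '';
    // Snapshot first: the live node list changes as nodes are removed.
    foreach (iterator_to_array($body->getElementsByTagName('*'), false) as $el) {
        $tag = strtolower($el->nodeName);
        if (!array_key_exists($tag, ALLOWED_ATTRS)) {
            $el->parentNode->removeChild($el);   // script, iframe, svg, ...
            continue;
        }
        foreach (iterator_to_array($el->attributes, false) as $attr) {
            $name = strtolower($attr->nodeName);
            $isUrl = in_array($name, ['href', 'src'], true);
            if (!in_array($name, ALLOWED_ATTRS[$tag], true)
                || ($isUrl && !url_is_safe($attr->nodeValue))) {
                $el->removeAttributeNode($attr); // onerror, onclick, style, ...
            }
        }
    }
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child);          // text nodes are re-escaped
    }
    return $out;
}
// Constructed input: the payload from the report inside ordinary content.
echo sanitize_page_body('<p>Hello</p><img src=1 onerror=alert(/du/)>');
```

The sanitizer parses the markup and rebuilds it from the allowlist rather than pattern-matching on strings, so the `onerror` attribute is dropped while the `img` element and its `src` survive.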