maccms: stored XSS in the background (admin) member information editor
Version: v10
Software download address: http://www.maccms.com
Log in to the background and open User -> Member module -> Edit.
In the edit window, write the payload into the nickname field: "><img src=x onerror=alert(1)>
Click Save; the record is saved successfully.
The XSS fires when the administrator edits that user again.
It also fires when the user logs in.
In /application/admin/controller/User.php, the POST data is not filtered when the submitted information is saved, so the payload is stored as-is.
In /application/admin/view/user/info.html, the nickname is also output without escaping, so the stored payload is rendered into the page.
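To show what the fix looks like at both points the report names, here is an added PHP example (not maccms code; the function names and the form field name are assumed). It renders the nickname from the report into an attribute first unescaped, then HTML-encoded for the attribute context so the leading "> can no longer close the value attribute, and adds a server-side check to apply when the POST is saved.

```php
<?php
// Added example, not maccms code. Function and field names are assumed.

// Constructed sample: the nickname submitted in the report.
$nickname = '"><img src=x onerror=alert(1)>';

// Vulnerable pattern (what info.html effectively does): the raw value is
// written into an attribute, so "> closes the attribute and the <img> tag
// with its onerror handler becomes part of the page.
function renderNicknameUnsafe(string $nick): string
{
    return '<input type="text" name="nickname" value="' . $nick . '">';
}

// Hardened pattern: encode for the HTML attribute context. ENT_QUOTES encodes
// both " and ' (needed inside attributes); ENT_SUBSTITUTE replaces invalid
// UTF-8 instead of returning an empty string, which would silently drop data.
function renderNicknameSafe(string $nick): string
{
    $encoded = htmlspecialchars($nick, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="nickname" value="' . $encoded . '">';
}

// Input-side check for the save handler (User.php): accept only plain-text
// nicknames rather than trying to strip tags, which is easy to bypass.
function isValidNickname(string $nick): bool
{
    return strlen($nick) <= 32
        && preg_match('/^[\p{L}\p{N}_\-. ]+$/u', $nick) === 1;
}

echo renderNicknameUnsafe($nickname), PHP_EOL;
echo renderNicknameSafe($nickname), PHP_EOL;
var_dump(isValidNickname($nickname));
var_dump(isValidNickname('alice_01'));
```

Output encoding at the template is the control that actually closes the hole, because the nickname is rendered in more than one place (admin edit page and user login); the input check is a second layer, not a substitute.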