Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Xss vulnerability #1

Closed
MM0x00 opened this issue Aug 12, 2019 · 0 comments
Closed

Xss vulnerability #1

MM0x00 opened this issue Aug 12, 2019 · 0 comments
Assignees
Labels
good first issue Good for newcomers

Comments

@MM0x00
Copy link

MM0x00 commented Aug 12, 2019

Hello author, I am honored to be able to use your cms, but when I use it, I found that there are more loopholes after testing, I hope to draw your attention, thank you.
Here are some storage xss vulnerabilities, as follows:
A front-end comment can get a storage xss vulnerability to the background administrator to cookie information:
image
image
image
When the front-end user registers, the xss vulnerability can be used for administrator cookie acquisition and other operations, causing the administrator cookie to leak, causing the attacker to enter the background.
image
image
image
The first and the second:
image
The results are as follows:
image
image
image
image
image
The third and the fourth:
image
image
image
The fifth and the sixth:
image
image
image
and use the same POC,you will find more:
image
image
image
and so on.
There are too many xss vulnerabilities.
There are serious dangerous features in the background configuration. I don't know if this is a loophole. However, it is recommended to disable this function. Once you pass the comments xss in the foreground or the xss vulnerability in the registered user, you can get the administrator's cookie and enter the background. Causes getshell, the server falls.
image

@Kitesky Kitesky closed this as completed Sep 26, 2019
@Kitesky Kitesky self-assigned this Sep 26, 2019
@Kitesky Kitesky added the good first issue Good for newcomers label Sep 26, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Good for newcomers
Projects
None yet
Development

No branches or pull requests

2 participants