Description: The messaging feature of Silverpeas Core is vulnerable to Stored Cross-Site Scripting (XSS).
Versions Affected: < 6.3.1
Version Fixed: 6.3.2
Researcher: Tyler Ramsbey (https://youtube.com/@TylerRamsbey)
Disclosure Link: https://rhinosecuritylabs.com/research/silverpeas-file-read-cves/
NIST CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2023-47320
The notification/messaging feature of Silverpeas Core 6.3.1 is vulnerable to Stored Cross-Site Scripting (XSS).
To exploit this vulnerability, the following payload can be sent in a message to another user: <img/src/onerror=prompt(1)>. When the user opens it, it successfully executes Javascript in the user's browser.