Found a code execution vulnerability in the cmswing project, version 1.3.8. Details are in the analysis below.

The vulnerability lies in the `log` function in `cmswing/src/mode/action.js`. The variable `log` holds the user behavior log data sent by the front end, and the `log` function processes it. If `param[0]=='user'`, the `call_user_func` function is called. The variable is not checked, so malicious parameters reach the `eval` call inside `call_user_func` and achieve code execution.

Local Test
Enter the system back end, select user behavior, and add our payload to the rules of conduct.
Add an article to trigger the user behavior just added.
Execution log: the code was executed successfully and the IP-related information was printed out.
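The root cause above is that a front-end string reaches `eval` through `call_user_func`. As an added example (not cmswing's own code), the dispatcher below shows the fix a maintainer would want: the `user` branch resolves `param[1]` against a fixed allowlist of named handlers and rejects everything else, so no front-end value is ever interpreted as code. The names `log`, `param[0]` and `call_user_func` come from the report; the handler names `register`/`login`, the `ctx` record and the return shape are assumptions made for this example.

```javascript
// Added example, not cmswing's code. Hardened replacement for an
// unchecked call_user_func(param[1]) in a `log` handler: dispatch goes
// through an allowlist table, never through eval().
'use strict';

// Allowlist of behaviour handlers keyed by a fixed name (names assumed).
const USER_HANDLERS = Object.freeze({
  register: (ctx) => `user ${ctx.uid} registered from ${ctx.ip}`,
  login:    (ctx) => `user ${ctx.uid} logged in from ${ctx.ip}`,
});

// Accept only own properties of the table, so inherited keys such as
// "constructor" or "toString" cannot be selected for dispatch.
function resolveHandler(table, name) {
  if (typeof name !== 'string' ||
      !Object.prototype.hasOwnProperty.call(table, name)) {
    return null;
  }
  return table[name];
}

// Validates the param array shape, looks the handler up by name and
// reports (rather than executes) anything that is not on the allowlist.
function logUserBehaviour(param, ctx) {
  if (!Array.isArray(param) || param.length !== 2 || param[0] !== 'user') {
    return { ok: false, reason: 'malformed param' };
  }
  const handler = resolveHandler(USER_HANDLERS, param[1]);
  if (handler === null) {
    // Keep a truncated copy of the rejected name for detection; never
    // pass it to eval, Function() or a dynamic require.
    const shown = String(param[1]).slice(0, 64);
    return { ok: false, reason: `unknown handler: ${shown}` };
  }
  return { ok: true, message: handler(ctx) };
}
```

The rejection path is worth logging on its own: a burst of `unknown handler` entries from one source is the detection signal for someone probing this code path.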