You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
when upload xfkxfk.zip successful, result in a xss vuln
(you can also build-extensions, then download extensions, final modify extension and install it)
other file exists xss vuln too,for example:
\BigTree-CMS-4.2.18\core\admin\modules\developer\packages\install\unpack.php
please use htmlspecialchars() function to filter all params~
I wouldn't consider this XSS as there's no other site involved (and hence it can't be executed without the user uploading a malicious package). I have setup those fields to be escaped, though!
If you install a package or extension containing malicious content, then you will be xssed, so you have to filter the fields you need to display, Rather than displayed directly.
for example:
Multiple Security Issue of XSS exists in BigTree CMS Less than 4.2.18
FILE:
title、version、author_name not filter by htmlspecialchars() function
POC:
in url:
http://127.0.0.1/BigTree-CMS-4.2.18/site/index.php/admin/developer/extensions/install/
upload xfkxfk.zip,there is manifest.json in xfkxfk.zip
when upload xfkxfk.zip successful, result in a xss vuln
(you can also build-extensions, then download extensions, final modify extension and install it)
other file exists xss vuln too,for example:
\BigTree-CMS-4.2.18\core\admin\modules\developer\packages\install\unpack.php
please use htmlspecialchars() function to filter all params~
thank you~
email : xfkxfk@secbook.net
The text was updated successfully, but these errors were encountered: