when upload xfkxfk.zip successful, result in a xss vuln
(you can also build-extensions, then download extensions, final modify extension and install it)
other file exists xss vuln too,for example:
\BigTree-CMS-4.2.18\core\admin\modules\developer\packages\install\unpack.php
please use htmlspecialchars() function to filter all params~
I wouldn't consider this XSS as there's no other site involved (and hence it can't be executed without the user uploading a malicious package). I have setup those fields to be escaped, though!
If you install a package or extension containing malicious content, then you will be xssed, so you have to filter the fields you need to display, Rather than displayed directly.
for example:
Multiple Security Issue of XSS exists in BigTree CMS Less than 4.2.18
FILE:
title、version、author_name not filter by htmlspecialchars() function
POC:
in url:
http://127.0.0.1/BigTree-CMS-4.2.18/site/index.php/admin/developer/extensions/install/
upload xfkxfk.zip,there is manifest.json in xfkxfk.zip
when upload xfkxfk.zip successful, result in a xss vuln
(you can also build-extensions, then download extensions, final modify extension and install it)
other file exists xss vuln too,for example:
\BigTree-CMS-4.2.18\core\admin\modules\developer\packages\install\unpack.php
please use htmlspecialchars() function to filter all params~
thank you~
email : xfkxfk@secbook.net
The text was updated successfully, but these errors were encountered: