New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: V1.1.8 Stored Cross Site Scripting Vulnerability #6

Open
zhouxingixng opened this Issue Jan 4, 2019 · 0 comments

Comments

Projects
None yet
1 participant
@zhouxingixng
Copy link

zhouxingixng commented Jan 4, 2019

There is an Stored Cross Site Scripting vulnerability in your latest version of the CMS v1.1.8
Download link: "http://img.yunucms.com/o_1cvnmdq4igqv3i713iq183fu7qa.zip?attname="

In the /YUNUCMSv1.1.8/app/admin/controller/System.php
The judgment code of the basic settings page is:
image
Pass in such a packet here
image
See the sys.php file to see that the site_title parameter has been changed.
image
The value in sys.php was taken directly in basic.html, resulting in a storage XSS vulnerability.
image

2.Steps To Reproduce:
image
image
image

Fix:
Strictly verify user input, you must perform strict checks and html escape escaping on all input scripts, iframes, etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment