Describe the bug
An authenticated malicious user can take advantage of a Reflected XSS vulnerability in the "Document Manager" feature. To Reproduce
Steps to reproduce the behavior:
1. Log into the /manager
2. Go to "Doc Manager" on Modules
3. Insert payload:
'><details/open/ontoggle=confirm(1337)>
4. Click "Submit" Impact
Commonly include transmitting private data, like cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user’s machine under the guise of the vulnerable site. Versions
Evolution CMS 2.0.2
The text was updated successfully, but these errors were encountered:
Hello @Dmi3yy,
I think, admin is only allowed to use js / html in certain areas like edit plugin / module, theme / template, .... In other parts, if the admin is still allowed to use it arbitrarily, it will cause a risk, attack..etc, because a website will probably have 1 or more admin. An attacker with admin rights can take full advantage and lure victim with malicious intent through XSS :))
Describe the bug



An authenticated malicious user can take advantage of a Reflected XSS vulnerability in the "Document Manager" feature.
To Reproduce
Steps to reproduce the behavior:
1. Log into the /manager
2. Go to "Doc Manager" on Modules
3. Insert payload:
'><details/open/ontoggle=confirm(1337)>
4. Click "Submit"
Impact
Commonly include transmitting private data, like cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user’s machine under the guise of the vulnerable site.
Versions
Evolution CMS 2.0.2
The text was updated successfully, but these errors were encountered: