Skip to content

e107 2.3.2 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Copyright and Author field in the Meta & Custom Tags Menu.

Notifications You must be signed in to change notification settings

sromanhu/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 

Repository files navigation

e107 CMS Stored XSS v2.3.2

Author: (Sergio)

Description: Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu.

Attack Vectors: Scripting A vulnerability in the sanitization of the entry in the Copyright and Author fields of "Meta & Custom Tags Menu" allows injecting JavaScript code that will be executed when the user accesses the web page.


POC:

When logging into the panel, we will go to the "Meta & Custom Tags Menu." section off General Menu.

XSS Payload

We edit that Settings that we have created and see that we can inject arbitrary Javascript code in the Copyright and Author fields.

XSS Payload:

'"><svg/onload=alert('Copyright')>

XSS Payload:

'"><svg/onload=alert('Author')>

In the following image you can see the embedded code that executes the payload in the main web.

XSS Result Copyright

XSS Result Author


Additional Information:

https://e107.org/

https://owasp.org/Top10/es/A03_2021-Injection/

https://owasp.org/www-community/attacks/xss/

About

e107 2.3.2 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Copyright and Author field in the Meta & Custom Tags Menu.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published