1、Login the backstage http://localhost/wuzhicms-master/www/index.php?m=core&f=index&v=login&_su=wuzhicms
2、Go to content management, choose an existing one or post a new on to edit
3、There are two Stored-XSS,
a)the first one lie in the title section
b)the secone lie the the content section(you need to change to source code mode)
4、Save and we can see the page we just edit, the title is too obvious
5、Anyway
a)title section
b)content section
The text was updated successfully, but these errors were encountered:
starnightcyber
changed the title
Two Stored-XSS Vulnerability
Two Stored-XSS Vulnerabilities
Apr 24, 2018
starnightcyber
changed the title
Two Stored-XSS Vulnerabilities
Two Stored-XSS Vulnerabilities(Administrator Privilege)
Apr 24, 2018
Two Stored-XSS when post an article
Steps to Reproduce
1、Login the backstage





http://localhost/wuzhicms-master/www/index.php?m=core&f=index&v=login&_su=wuzhicms
2、Go to content management, choose an existing one or post a new on to edit
3、There are two Stored-XSS,
a)the first one lie in the title section
b)the secone lie the the content section(you need to change to source code mode)
4、Save and we can see the page we just edit, the title is too obvious
5、Anyway
a)title section
b)content section
The text was updated successfully, but these errors were encountered: