Because of lacking of sanitizer of input data, attacker can injection malicious code into settingnew param to trigger Stored-XSS. The
vulnerability can affected settingnew[sitename] and settingnew[reglinkname] in template [Source]\admin\setting\template\main.htm
To Reproduce
XSS 1
Steps to reproduce the behavior:
Go to System settings -> Basic settings
Update Site name to </title><script>alert('XSS');</script>
Description:
Because of lacking of sanitizer of input data, attacker can injection malicious code into
settingnewparam to trigger Stored-XSS. Thevulnerability can affected
settingnew[sitename]andsettingnew[reglinkname]in template [Source]\admin\setting\template\main.htmTo Reproduce
XSS 1
Steps to reproduce the behavior:
</title><script>alert('XSS');</script>Request
Response
PoC:
XSS 2
Steps to reproduce the behavior:
"/><script>alert('XSS 2');</script>Request
Response
PoC:
The text was updated successfully, but these errors were encountered: