[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Easydiscuss Component < 4.0.21 - Cross-Site Scripting Vulnerability

Author
Mattia Furlani
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-29428
Category
web applications
Date add
10-01-2018
CVE
CVE-2018-5263
Platform
php
# Exploit Title: Joomla Plugin Easydiscuss <4.0.21 Persistent XSS in Edit Message
# Software Link: https://stackideas.com/easydiscuss
# Exploit Author: Mattia Furlani
# CVE: CVE-2018-5263
# Category: webapps
 
1. Description
 
Whenever a user edits a message with <\textarea> inside the body, everything after the <\textarea> will be executed in the user’s browser. Works with every version up to 4.0.20
 
 
2. Proof of Concept
 
Login with permissions to post a message, insert <\textarea> in the body and add any html code after that, whenever a user tries to edit that message the code writed after you closed the textarea will be executed
 
 
3. Solution:
 
Update to version 4.0.21
https://stackideas.com/blog/easydiscuss4021-update

#  0day.today [2024-12-23]  #