[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

SofaWiki 3.9.2 Cross Site Scripting Vulnerability

Author
Chokri Hammedi
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-39783
Category
web applications
Date add
22-10-2024
Platform
php
# Exploit Title: SofaWiki 3.9.2 - Stored XSS (Authenticated)
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://www.sofawiki.com
# Software Link: https://www.sofawiki.com/site/files/snapshot.zip
# Version: 3.9.2
# Tested on: Windows XP


Summary:

A stored XSS exists in SofaWiki's Open Ticket feature. An authenticated
user can inject a JavaScript payload into the ticket's title field, which
triggers whenever the ticket is viewed.


Proof of Concept (PoC):

1. Login and go to New Ticket:

http://localhost/sofawiki/index.php?name=special:tickets&ticketaction=new

2. Use this payload in the Title field:
<script>alert('XSS');</script>

3. Click Open Ticket the alert will be triggered.
The payload runs each time the ticket is opened.

#  0day.today [2024-12-23]  #