SofaWiki 3.9.2 Cross Site Scripting

2024.10.25

Credit: Chokri Hammedi

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

# Exploit Title: SofaWiki 3.9.2 - Reflected XSS (Authenticated) via Regex
Replace Preview
# Date: 10/17/2024
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://www.sofawiki.com
# Software Link: https://www.sofawiki.com/site/files/snapshot.zip
# Version: 3.9.2
# Tested on: Windows XP

*Summary:*

A *reflected XSS* vulnerability exists in the *Regex Replace Preview*
feature of SofaWiki. When a malicious payload is injected into the *Replace*
field, the payload is executed immediately in the user’s browser during the
preview.
 Proof of Concept (PoC):

1. Login to SofaWiki.
2. Go to Special => Regex :
http://localhost/sofawiki/index.php?action=view&name=special:regex&lang=en

3. In the Regex field, enter any text (e.g., test).
4. In the Replace field, inject the following payload:

<script>alert('XSS');</script>

5. Click Replace Preview to trigger the XSS.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

SofaWiki 3.9.2 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.