October CMS 3.4.0 About Cross Site Scripting
2023-12-4 22:7:48 Author: packetstormsecurity.com(查看原文) 阅读量:4 收藏


OctoberCMS v3.4.0 (About) Stored Cross-Site Scripting Vulnerability

Vendor: October CMS
Product web page: https://www.octobercms.com
Affected version: 3.4.0

Summary: OctoberCMS is a self-hosted content management system (CMS)
based on the PHP programming language and Laravel web application framework.
It supports MySQL, SQLite and PostgreSQL for the database back end and
uses a flat file database for the front end structure. The October CMS
covers a range of capabilities such as users, permissions, themes, and
plugins, and is seen as a simpler alternative to WordPress.

Desc: OctoberCMS suffers from stored cross-site scripting vulnerability
when a user with the ability to edit the landing/about page. This can
lead to execute arbitrary HTML/JS code in a user's browser session in
context of an affected site.

Tested on: macOS Monterey 12.6.3
Docker 4.12.0 (85629)
PHP/8.1.6

Vulnerability discovered by Nazli Soysal Kuran
@zeroscience

Advisory ID: ZSL-2023-5803
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5803.php

30.10.2023

--

Stored XSS (EntryRecord[blocks][1][content]):
---------------------------------------------

Endpoint: POST /backend/tailor/entries/landing_page
Payload: EntryRecord%5Bblocks%5D%5B1%5D%5Bcontent%5D="<script>alert(1)</script>"


文章来源: https://packetstormsecurity.com/files/176049/ZSL-2023-5803.txt
如有侵权请联系:admin#unsafe.sh