免费、自由、人人可编辑的漏洞库--PwnWiki.com
,
INFO
- Exploit Title: CMSimple 5.2 - 'External' Stored XSS
- Date: 2021/04/07
- Exploit Author: Quadron Research Lab
- Version: CMSimple 5.2
- Tested on: Windows 10 x64 HUN/ENG Professional
- Vendor: https://www.cmsimple.org/en/
Description
The CMSimple 5.2 allow stored XSS via the Settings > CMS > Filebrowser > "External:" input field.
Attack Vectors
The CMSimple cms "Filebrowser" "External:" input field not filter special chars. It is possible to place JavaScript code.
The JavaScript code placed here is executed by clicking on the Page or Files tab.
Proof of Concept
https://github.com/Quadron-Research-Lab/CVE/blob/main/CMSimple_5.2_XSS.pdf
免费、自由、人人可编辑的漏洞库--PwnWiki.com