phpVibe < 4.20 Stored XSS

ID EDB-ID:37659
Type exploitdb
Reporter Filippos Mastrogiannis
Modified 2015-07-20T00:00:00


phpVibe < 4.20 Stored XSS. Webapps exploit for php platform

                                            # phpVibe &lt; 4.20 Stored XSS

# Vendor Homepage:
# Affected Versions: prior to 4.20

# Discovered by Filippos Mastrogiannis
# Twitter: @filipposmastro
# LinkedIn:

-- Description --

This stored XSS vulnerability allows any logged in user
to inject malicious code in the comments section:
e.g. "&gt;&lt;body onLoad=confirm("XSS")&gt;

The vulnerability exists because the user input is not properly sanitized
and this can lead to malicious code injection that will be executed on the
target’s browser

-- Proof of Concept --

1. The attacker posts a new comment which contains our payload:
"&gt;&lt;body onLoad=confirm("XSS")&gt;

2. The stored XSS can be triggered when any user visits the link of the
uploaded content

-- Solution --

The vendor has fixed the issue in the version 4.21