Lucene search
Sergio MedeirosEDB-ID:52018HistoryMay 19, 2024 - 12:00 a.m.
Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)
2024-05-1900:00:00
Sergio Medeiros
www.exploit-db.com
102
web application
cross site scripting
wysiwig editor
burpsuite
cve-2024-34241
rocket lms 1.9
firefox
chrome
patch pending
# Title: Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)
# Date: 04/16/2024
# Exploit Author: Sergio Medeiros
# Vendor Homepage: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735
# Software Link: https://lms.rocket-soft.org
# Version: 1.9
# Tested on Firefox and Chrome Browsers
# Patched Version: Patch Pending
# Category: Web Application
# CVE: CVE-2024-34241
# Exploit link: https://grumpz.net/cve-2024-34241-a-step-by-step-discovery-guide
# PoC:
In order to exploit this systemic stored XSS vulnerability, identify theareas in the web application which has a WYSIWIG editor used, for example, the create/edit course description section.
Input random text in the description section, and create the course while intercepting the request with BurpSuite or your preferred proxy of choice.
In the *description* parameter or the associated parameter that is handling the user input related to the WYSIWIG editor, input the following payload and then issue the request:
<details/open/ontoggle=prompt(origin)>Related
vulnrichment
vulnrichment
CVE-2024-34241
1976-01-01 00:00:00
nvd
nvd
CVE-2024-34241
2024-05-17 16:15:08
packetstorm
packetstorm
Rocket LMS 1.9 Cross Site Scripting
2024-05-20 00:00:00
cve
cve
CVE-2024-34241
2024-05-17 16:15:08
zdt
zdt
Rocket LMS 1.9 - Persistent Cross Site Scripting Vulnerability
2024-05-19 00:00:00
cvelist
cvelist
CVE-2024-34241
1976-01-01 00:00:00