Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrHainguyen02073A2BC18B-5932-4FB5-A01E-24B2B0443B67
HistoryAug 28, 2023 - 7:50 p.m.

Store DOM XSS in Edit configuration

2023-08-2819:50:08
hainguyen0207
www.huntr.dev
7
website
secure
flaw
xss
admin page
category
configuration
payload
homepage
site structure
video
image
bug bounty

0.0005 Low

EPSS

Percentile

17.1%

JSON

Description I noticed, your website is very secure.

But you overlooked a flaw XSS

Proof of Concept

1 .Login vs admin demo account and access admin page.

2 .Create a category titled “test456”.

3 .Go to Configuration ==> Edit configuration.

4 .Change the “URL of your FAQ” data field with the payload:

     javascript:alert(1)"

5 . Back to the homepage, see the site structure has been completely changed. Click “test456” detect XSS.

Video Poc

https://drive.google.com/file/d/1FxFSglKYeqSBp_dvSaDji3syj4Re32PO/view?usp=sharing

Img Poc

https://drive.google.com/file/d/1jfBIhXEpyKive2O3W58uDjmJB63kD6l3/view?usp=sharing

Related

nvd 1
cve 1
prion 1
cvelist 1
osv 2
github 1
veracode 1
openvas 1
nvd
nvd
CVE-2023-5320
2023-09-30 01:15:39
cve
cve
CVE-2023-5320
2023-09-30 01:15:39
prion
prion
Cross site scripting
2023-09-30 01:15:00
cvelist
cvelist
CVE-2023-5320 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq
2023-09-30 00:00:42
osv
osv
phpMyFAQ Cross-site Scripting vulnerability
2023-09-30 03:31:49
CVE-2023-5320
2023-09-30 01:15:39
github
github
phpMyFAQ Cross-site Scripting vulnerability
2023-09-30 03:31:49
veracode
veracode
Cross Site Scripting
2023-10-03 06:47:45
openvas
openvas
phpMyFAQ < 3.1.18 Multiple Vulnerabilities
2023-10-03 00:00:00

0.0005 Low

EPSS

Percentile

17.1%

JSON
Related for 3A2BC18B-5932-4FB5-A01E-24B2B0443B67
nvd1cve1prion1cvelist1osv2github1veracode1openvas1