Lucene search
Ahmedvienna8C74CCAB-0D1D-4C6B-A0FA-803AA65DE04FHistoryJan 26, 2023 - 4:09 p.m.
stored Blind XSS in Admin Panel through FAQ-Proposal leads to Admin Full Account Takeover
2023-01-2616:09:34
ahmedvienna
www.huntr.dev
21
blind xss
admin panel
faq-proposal
full account takeover
application vulnerability
xss payload
admin cookies
0.001 Low
EPSS
Percentile
23.5%
Hello.
Vulnerability: Blind XSS in Admin Panel while generating Report
- Without beeing logged in the Application
- Go to FAQ-Proposal -> put an XSS Payload like <script>alert(‘1’)</script> in the question Field
- Send the Proposal
- Admin will login
- The Proposal will pop up in the Category you specified while sending your Proposal here number 1
6 Admin will go to Statistics and then Reports - Generate Report
- Blind XSS will be fired in the Admin Panel
Steal the Admin Cookies and do a Full Account Takeover of the Admin Account.
Best regards
Ahmed Hassan
Related
cve
cve
CVE-2023-0786
2023-02-12 14:15:11
osv
osv
Cross-site Scripting in thorsten/phpmyfaq
2023-02-12 15:30:25
CVE-2023-0786
2023-02-12 14:15:11
veracode
veracode
Cross-site Scripting (XSS)
2023-02-20 15:47:11
cvelist
cvelist
CVE-2023-0786 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq
2023-02-12 00:00:00
prion
prion
Cross site scripting
2023-02-12 14:15:00
github
github
Cross-site Scripting in thorsten/phpmyfaq
2023-02-12 15:30:25
cnvd
cnvd
phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-09628)
2023-02-14 00:00:00
nvd
nvd
CVE-2023-0786
2023-02-12 14:15:11
openvas
openvas
phpMyFAQ < 3.1.11 Multiple Vulnerabilities
2023-02-13 00:00:00