Description

Stored XSS Content allows for the arbitrary execution of JavaScript

Proof of Concept

In Wechat management at feature 
- Reply rule management 
- Follow reply configuration 
- Default reply configuration 
- Follow automatic replies 

Save Reply text with payload : &lt;/titLe/&lt;/teXtarEa/&lt;/scRipt/--!&gt;\x3csVg/<img src>\x3e
XSS will trigger when reloading page or goto edit

Video PoC

Video PoC

Impact

This vulnerability has the potential to steal a user’s cookie and gain unauthorized access to that user’s account through the stolen cookie.