Stored XSS in Page Title

Reported by tuannq2299 via www.huntr.dev (report ID D4302A0D-DB62-4D76-93DD-E6E6473E057A)
Published 2023-08-05 04:49:32

Tags: stored xss, page title, escaped, payload triggered, privilege escalation

EPSS: 0.0004 (Low), percentile 14.1%

Description

In the latest version, the page title has been escaped and cannot trigger the XSS payload. However, by logging in as a user with other privileges, I see that it's still not escaped yet.

Proof of Concept

Step 1: Log in as Admin, create a page in site1 with the title ">test<img src> and see that the page title has been escaped and cannot trigger the XSS payload.

Step 2: Have a second account, User1, with the Author privilege.

Step 3: Log in as User1, go to view the page of site1 and see that the payload is triggered.
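The defect the report describes is not a missing escape but an inconsistent one: the admin view escapes the title while a second render path, shown to the Author account, does not. The added example below is not code from the report or from the affected project; it is an illustration of the mitigation, with hypothetical view functions (render_admin_view, render_author_view_unsafe, render_author_view) and a regression check (audit_views) that runs the report's title across every view that prints it. All names and markup are constructed for this example.

```python
import html

# Constructed sample input: the title from the report, used only as a regression input.
REPORTED_TITLE = '">test<img src>'


def escape_title(title: str) -> str:
    """Escape a user-controlled page title for HTML text or quoted-attribute context.
    quote=True also escapes " and ' so the value cannot close an attribute."""
    return html.escape(title, quote=True)


def render_admin_view(title: str) -> str:
    # Hypothetical admin view: escapes the title, matching what the report
    # observes in the latest version.
    return f'<h1 class="page-title">{escape_title(title)}</h1>'


def render_author_view_unsafe(title: str) -> str:
    # Hypothetical second render path that interpolates the raw title:
    # the class of defect the report describes for the Author account.
    return f'<h1 class="page-title">{title}</h1>'


def render_author_view(title: str) -> str:
    # Fixed variant: every render path goes through the same escaping helper,
    # so a title escaped for one role is escaped for all of them.
    return f'<h1 class="page-title">{escape_title(title)}</h1>'


def contains_unescaped_markup(rendered: str, user_value: str) -> bool:
    """True if the raw user value survives verbatim in the output while it
    contains characters that must be escaped in HTML."""
    needs_escaping = any(c in user_value for c in '<>"&\'')
    return needs_escaping and user_value in rendered


def audit_views(title: str) -> dict:
    """Run the check over every view that renders the title.
    Returns a mapping of view name -> True when the view is safe for this input."""
    views = {
        "admin": render_admin_view,
        "author_unsafe": render_author_view_unsafe,
        "author": render_author_view,
    }
    return {name: not contains_unescaped_markup(fn(title), title)
            for name, fn in views.items()}


if __name__ == "__main__":
    for view, safe in audit_views(REPORTED_TITLE).items():
        print(f"{view}: {'ok' if safe else 'UNESCAPED'}")
```

The audit deliberately enumerates every view rather than testing the single page the reporter happened to look at: a title stored once is rendered from several templates and for several roles, and a fix that touches only one of them leaves the finding open, which is exactly what Step 3 demonstrates.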
