huntr report by hainguyen0207, ID E0BF7E95-FC8C-4FD4-8575-8B46B9431C6D
History: Aug 08, 2023 - 6:30 p.m.

Store XSS in module name "admin/controllers/edit/comments/comments_list"

2023-08-08 18:30:35
hainguyen0207
www.huntr.dev
10
Tags: xss, admin, module, comments_list, security, vulnerability, proof of concept

EPSS: 0.0004 (Low), percentile 14.2%

Description

I noticed that you filtered the comment very carefully.

But there are still some parts you missed.

Proof of Concept

1. Log in as admin.

2. Go to https://demo.instantcms.io/admin/controllers/edit/comments/comments_list

3. Select one comment and insert the payload:

     <image src=1 href=1 onerror="alert(document.cookie)"></image>

4. Click save, and the stored XSS fires.

5. Then log in with another admin account, go to comments, and observe the stored XSS.

Video PoC

https://drive.google.com/file/d/12s7byrrIusDs4npsSosusb-WXoPGUrc-/view?usp=drive_link
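The report says the comment filter was careful but "missed some parts", and the payload shows which part: browsers treat an <image> start tag as an alias for <img>, so a filter that strips only the tag names it knows about never sees this tag, and its onerror handler reaches the next admin's browser. The following is an added example written for this page, not code from the huntr submission or from InstantCMS (whose actual filter is not shown here). It contrasts a denylist that lets the report's payload through with an allowlist sanitizer that removes unknown tags and every event-handler attribute. The tag and attribute allowlist, the naive denylist regex and the is_safe_url rule are assumed policy choices made for the example; a real deployment would use a maintained sanitizer library built on the same allowlist design. The report's payload is embedded as the sample input.

```python
"""Allowlist-based sanitizer for user-submitted comment HTML.

Added example for this report, not code from the huntr submission or from
InstantCMS. The tag/attribute allowlist is an assumed, deliberately small
policy; a production deployment would use a maintained sanitizer library
with the same design. The report's payload is embedded as sample input.
"""
import re
from html import escape
from html.parser import HTMLParser

# Payload quoted in the report (stored in a comment via the admin comments list).
PAYLOAD = '<image src=1 href=1 onerror="alert(document.cookie)"></image>'

# --- The pattern that fails: a denylist of "known bad" tag names -------------
# Browsers rewrite an <image> start tag to <img>, so a filter keyed on the
# literal names it knows about never matches this tag (assumed filter shape).
DENYLIST = re.compile(r"<\s*/?\s*(script|img|iframe)\b", re.IGNORECASE)


def naive_denylist(html: str) -> str:
    """Strip only the listed tag names; everything else passes through."""
    return DENYLIST.sub("", html)


# --- The pattern that holds: keep only what is explicitly allowed -----------
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "a", "img"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt"}}
URL_ATTRS = {"href", "src"}
VOID_TAGS = {"br", "img"}


def is_safe_url(value: str) -> bool:
    """Permit http(s) and site-relative URLs only (rejects javascript:, data:, //host)."""
    v = value.strip().lower()
    if v.startswith("//"):
        return False
    if v.startswith("/"):
        return True
    return v.startswith("http://") or v.startswith("https://")


class AllowlistSanitizer(HTMLParser):
    """Re-serialise input keeping allowed tags/attributes; drop the rest.

    Event-handler attributes (on*) are never allowed on any tag, unknown tags
    are removed together with all their attributes, and text is HTML-escaped.
    """

    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.out: list[str] = []
        self.stack: list[str] = []  # open tags, so the output is always balanced

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return  # <image>, <script>, <svg>, ... vanish with their attributes
        kept = []
        for name, value in attrs:
            name = name.lower()
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, set()):
                continue
            value = value or ""  # valueless attributes arrive as None
            if name in URL_ATTRS and not is_safe_url(value):
                continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.stack.append(tag)

    def handle_endtag(self, tag):
        if tag not in self.stack:
            return  # stray or disallowed closing tag
        while self.stack:  # close intervening unclosed tags as well
            closed = self.stack.pop()
            self.out.append(f"</{closed}>")
            if closed == tag:
                break

    def handle_data(self, data):
        self.out.append(escape(data))

    def close(self) -> None:
        super().close()  # flush any buffered text first
        while self.stack:
            self.out.append(f"</{self.stack.pop()}>")


def sanitize(html: str) -> str:
    """Return the allowlisted, balanced, escaped form of the input."""
    parser = AllowlistSanitizer()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)


if __name__ == "__main__":
    print("denylist :", naive_denylist(PAYLOAD))   # onerror survives
    print("allowlist:", repr(sanitize(PAYLOAD)))   # ''
```

Run as a script, the denylist variant returns the payload unchanged while the allowlist variant returns an empty string, because the <image> tag is not on the allowlist and is dropped whole. The allowlist also keeps a stack of open tags so that a comment containing an unclosed <b> cannot swallow the markup that follows it in the comments list.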

