huntr | Chonkysec | E891DCBC-2092-49D3-9518-23E37187A5EA
History: Jul 07, 2023 - 8:30 a.m.

Stored XSS in Question field due to lack of sanitization in Link.php

2023-07-07 08:30:22
chonkysec
www.huntr.dev

EPSS: 0.0004 (Low), percentile 14.2%

Description

Stored XSS (Cross-Site Scripting) is a type of web application vulnerability that allows an attacker to inject malicious scripts into a website or web application. Unlike reflected XSS, where the malicious script is embedded in a URL and executed immediately, stored XSS involves the persistence of the malicious script on the target website.

Proof of Concept

1. Log in as admin.
2. Go to Content -> Edit or Add FAQs -> in the Question field, enter an XSS payload like "><h1>XSS</h1>
3. Go to the Category page that contains the FAQ with the XSS payload, and the XSS will trigger.

#POC
https://drive.google.com/file/d/1thIMmEOUPSDTThO8eouvnYnBtAn_oOiW/view?usp=sharing
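
The missing output encoding described above, shown as an added example that is not the project's Link.php: the function names are hypothetical, and `$url` is assumed to be generated by the application rather than supplied by the user. The unencoded renderer lets the stored question close the `title` attribute and inject an element; the encoded one keeps it as text, and a DOM parse confirms the difference.

```php
<?php
declare(strict_types=1);

// Hypothetical renderer: stored question text is concatenated into markup as-is.
function renderFaqLinkUnsafe(string $url, string $question): string
{
    return '<a href="' . $url . '" title="' . $question . '">' . $question . '</a>';
}

// Encode for HTML text and quoted-attribute contexts at output time.
function encodeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hypothetical hardened renderer: every dynamic value is encoded before output.
function renderFaqLinkSafe(string $url, string $question): string
{
    $q = encodeHtml($question);
    return '<a href="' . encodeHtml($url) . '" title="' . $q . '">' . $q . '</a>';
}

// Regression check: parse the rendered markup and count elements that the
// template itself never emits. Anything above zero means stored text became markup.
function countInjectedElements(string $html, string $tag): int
{
    $previous = libxml_use_internal_errors(true); // silence parser warnings
    $doc = new DOMDocument();
    $doc->loadHTML('<!DOCTYPE html><html><body>' . $html . '</body></html>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    return $doc->getElementsByTagName($tag)->length;
}

// Question value taken from step 2 of the proof of concept.
$stored = '"><h1>XSS</h1>';

foreach (['unsafe' => 'renderFaqLinkUnsafe', 'safe' => 'renderFaqLinkSafe'] as $label => $render) {
    $html = $render('/faq/1', $stored); // '/faq/1' is a constructed sample URL
    printf("%-6s h1 elements: %d\n       %s\n", $label, countInjectedElements($html, 'h1'), $html);
}
```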
