October CMS 3.4.0 Wiki Article Cross Site Scripting

`  
OctoberCMS v3.4.0 (Wiki_article) Stored Cross-Site Scripting Vulnerability  
  
  
Vendor: October CMS  
Product web page: https://www.octobercms.com  
Affected version: 3.4.0  
  
Summary: OctoberCMS is a self-hosted content management system (CMS)  
based on the PHP programming language and Laravel web application framework.  
It supports MySQL, SQLite and PostgreSQL for the database back end and  
uses a flat file database for the front end structure. The October CMS  
covers a range of capabilities such as users, permissions, themes, and  
plugins, and is seen as a simpler alternative to WordPress.  
  
Desc: OctoberCMS suffers from stored cross-site scripting vulnerability  
when a user with the ability to create an article could perform a stored  
XSS attack against any other users with the ability to create an article.  
This can lead to execute arbitrary HTML/JS code in a user's browser session  
in context of an affected site.  
  
Tested on: macOS Monterey 12.6.3  
Docker 4.12.0 (85629)  
PHP/8.1.6  
  
  
Vulnerability discovered by Nazli Soysal Kuran  
@zeroscience  
  
  
Advisory ID: ZSL-2023-5807  
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5807.php  
  
  
30.10.2023  
  
--  
  
  
Stored XSS (EntryRecord[content]):  
----------------------------------  
  
Endpoint: /backend/tailor/entries/wiki_article  
Payload: EntryRecord%5Bcontent%5D="<script>alert(1)</script>"  
`