Discuz! 7.2 某自带功能存在储存型XSS漏洞

2014-09-11T00:00:00
ID SSV:93743
Type seebug
Reporter Root
Modified 2014-09-11T00:00:00

Description

简要描述:

Discuz! 7.2 某自带功能存在储存型XSS漏洞

详细说明:

还是在签到哦~ plugin.php?id=dps_sign:sign 发表签到 签到可以写入xss 但是要干扰前面的代码 才可以形成xss

[<img src="https://images.seebug.org/upload/201409/1100522754a8ee564ad50b51a9dcd8669c53e051.jpg" alt="JUAQ]LZ91S(BUV5X0Q16@6A.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/1100522754a8ee564ad50b51a9dcd8669c53e051.jpg)

[<img src="https://images.seebug.org/upload/201409/1100524583a5fba1a426878f1f3598aaf1fa7dfc.jpg" alt="O{7XO10KZ2NOKF`I]S85T_D.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/1100524583a5fba1a426878f1f3598aaf1fa7dfc.jpg)

[<img src="https://images.seebug.org/upload/201409/110052586eb9b707932e23abdc555c704a960028.jpg" alt="J6B8U7KFF}(SMIBGSD]ODP.jpg" width="600" onerror="javascript:errimg(this);">

漏洞证明:

[<img src="https://images.seebug.org/upload/201409/110052586eb9b707932e23abdc555c704a960028.jpg" alt="J6B8U7KFF}(SMIBGSD]ODP.jpg" width="600" onerror="javascript:errimg(this);">