Lucene search
Numan OZDEMIR1337DAY-ID-31145HistorySep 22, 2018 - 12:00 a.m.
MyBB Visual Editor 1.8.18 Cross Site Scripting Vulnerability
2018-09-2200:00:00
Numan OZDEMIR
0day.today
40
0.005 Low
EPSS
Percentile
73.5%
Exploit for php platform in category web applications
[+] Title: MyBB Visual Editor Stored XSS <= v1.8.18
[+] Author: Numan OZDEMIR
[+] Vendor Homepage: mybb.com
[+] Software Link: https://mybb.com/download/
[+] Version: Up to v1.8.18. Fixed in v1.8.19.
[+] PoC Video: https://numanozdemir.com/mybb/xss.mp4
[+] CVE: CVE-2018-17128
[+] Discovered by Numan OZDEMIR in InfinitumIT Labs
[+] [email protected] - [email protected]
[~] Description:
Attacker can run JavaScript codes in victim user's browser while victim
is replying a post.
'videotype' section causes this.
[~] How to Reproduce:
1)- Enter to thread posting page. (newthread.php, enter title and
content.)
2)- Click "insert a video" command. Select any source and insert any
URL.
3)- Edit the video source with your payload.
Or, directly add this code:
[video=PAYLOAD]http://victim.com[/video]
Example:
[video=PA<svg/onload=alert('xss')>YLOAD]http://victim.com[/video]
4)- Post the thread.
While victim user replying your post, his browser will run JavaScript.
Vulnerable pages:
editpost.php
newreply.php
private.php
and all Visual Editor embedded pages.
// for secure days...
# 0day.today [2018-09-22] #Related
prion
prion
Cross site scripting
2018-09-17 04:29:00
cve
cve
CVE-2018-17128
2018-09-17 04:29:00
cvelist
cvelist
CVE-2018-17128
2018-09-17 04:00:00
packetstorm
packetstorm
MyBB Visual Editor 1.8.18 Cross Site Scripting
2018-09-22 00:00:00
exploitpack
exploitpack
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
2018-09-24 00:00:00
openvas
openvas
MyBB Multiple Vulnerabilities (Sep 2018)
2018-09-18 00:00:00
exploitdb
exploitdb
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
2018-09-24 00:00:00