WEBIGniter v28.7.23 – Stored XSS

• Exploit Database
• 14 阅读

• 作者： Mesut Cetin
  日期： 2024-03-18
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/51900/

• ## Title: WEBIGniter v28.7.23 XSS
  ## Author: RedTeamer IT Security, Mesut Cetin
  ## Date: 09/04/2023
  ## Vendor: https://webigniter.net/
  ## Software: https://webigniter.net/demo
  ## Reference: https://portswigger.net/web-security/cross-site-scripting/stored
  
  ## Description:
  During the user creation process, the 'your_name' parameter fails to adequately validate user input, rendering the system vulnerable to reflected cross-site scripting (XSS) attacks.
  
  ## PoC
  To exploit this vulnerability, an attacker can inject malicious JavaScript code into the "your_name" parameter under https://webigniter.net/create-account during the user creation process. This code, when embedded within an image tag like this: <img src onerror="prompt(8)">, can be executed when the user navigates to the "users" page under their profile.
  
  ## Mitigation
  To mitigate this risk, the "your_name" parameter should be subjected to rigorous input validation and encoding to ensure that all user input is sanitized and rendered harmless.