ThingsBoard 3.3.1 ‘name’ – Stored Cross-Site Scripting (XSS)

Exploit Database
12 阅读

作者： Steffen Langenfeld

日期： 2022-08-09
类别：
- webapps
平台：
- multiple
来源：https://www.exploit-db.com/exploits/51003/

# Exploit Title:ThingsBoard 3.3.1 'name' - Stored Cross-Site Scripting (XSS)
# Date: 03/08/2022
# Exploit Author: Steffen Langenfeld & Sebastian Biehler
# Vendor Homepage: https://thingsboard.io/
# Software Link: https://github.com/thingsboard/thingsboard/releases/tag/v3.3.1
# Version: 3.3.1
# CVE : CVE-2021-42750
# Tested on: Linux

#Proof-Of-Concept:
When creating a rule node (any) and putting a script payload inside the name of the rule node, it is executed upon hovering above the node within the editor.

#Steps

1. Create a new rule node (via the menu "Rule chains")
2. Put a javascript payload within the name e.g <script>alert('XSS')</script>
3. Save the node
4. Upon hovering above the node within the editor the payload is executed

last Exploits
ThingsBoard 3.3.1 ‘name’ – Stored Cross-Site Scripting (XSS)的更多信息

Joomla! Component com_vxdate – Multiple Vulnerabilities：
Contec Smart Home 4.15 – Unauthorized Password Reset：
Itech News Portal Script 6.28 – ‘inf’ SQL Injection：
WordPress Plugin Product Slider for WooCommerce 1.13.21 – Cross Site Scripting (XSS)：
Basic Analysis and Security Engine (BASE) 1.4.5 – ‘base_qry_alert.php?base_path’ Remote File Inclusion：
BEWARD N100 H.264 VGA IP Camera M2.1.6 – Cross-Site Request Forgery (Add Admin)：
Zabbix 4.2 – Authentication Bypass：
OpenMRS 2.3 (1.11.4) – Local File Disclosure：