Showdoc 2.10.3 – Stored Cross-Site Scripting (XSS)

• Exploit Database
• 39 阅读

• 作者： Akshay Ravi
  日期： 2022-05-17
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50941/

• # Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)
  # Exploit Author: Akshay Ravi
  # Vendor Homepage: https://github.com/star7th/showdoc
  # Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3
  # Version: <= 2.10.3
  # Tested on: macOS Monterey
  # CVE : CVE-2022-0967
  
  Description: Stored XSS via uploading file in .ofd format
  
  1. Create a file with .ofd extension and add XSS Payload inside the file
  	
  	filename = "payload.ofd"
  	payload = "<script>alert(1)</script>"
  
  2. Login to showdoc v2.10.2 and go to file library
  	
  	Endpoint = "https://www.site.com/attachment/index"
  
  3. Upload the payload on file library and click on the check button
  4. The XSS payload will executed once we visited the URL