Coastercms 5.8.18 – Stored XSS

  • Author: Hardik Solanki
    Date: 2020-12-03
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/49181/
  • # Exploit Title: Coastercms 5.8.18 - Stored XSS
    # Exploit Author: Hardik Solanki
    # Vendor Homepage: https://www.coastercms.org/
    # Software Link: https://www.coastercms.org/
    # Version: 5.8.18
    # Tested on Windows 10
    
    XSS IMPACT:
    1: Steal the cookie
    2: User redirection to a malicious website
    
    Vulnerable Parameters: Edit Page tab
    
    Steps to reproduce:
    1: Navigate to "http://localhost/admin/login" and log in with
    admin credentials.
    2: After logging in, navigate to "Page --> Homepage --> Our Blog" and
    click on the edit page.
    3: Add the payload "<script>alert(123)</script>" and the payload
    "<h1>test</h1>", then click on the update button. It saves successfully.
    4: Now click on "View live page"; it redirects you to the live page
    at "http://localhost/homepage/blog", where the XSS is stored and
    triggers on the main home page.