DotCMS 20.11 – Stored Cross-Site Scripting

Exploit Database
42 阅读

作者： Hardik Solanki

日期： 2020-12-02
类别：
- webapps
平台：
- multiple
来源：https://www.exploit-db.com/exploits/49168/

# Exploit Title: DotCMS 20.11 - Stored Cross-Site Scripting
# Exploit Author: Hardik Solanki
# Vendor Homepage: https://dotcms.com/
# Version: 20.11
# Tested on Windows 10

Vulnerable Parameters: Template Title

Steps to reproduce:
1. Login With Admin Username and password.
2. Navigate to Site --> Template --> Add Template Designer
2. Entre the payload <script>alert(document.cookie)</script> in Template
Title.
3. Now Navigate to Site --> Template. We could see that our payload gets
executed. And hence it executed every time.

last Exploits
DotCMS 20.11 – Stored Cross-Site Scripting的更多信息

e107 0.7.x – ‘/e107_admin/banner.php’ SQL Injection：
Landshop 0.9.2 – Multiple Web Vulnerabilities：
Job Portal 1.0 – Remote Code Execution：
RSA – SecurID Cross-Site Scripting：
AnchorCMS < 0.12.3a - Information Disclosure：
ICDental Clinic 1.2 – ‘key’ SQL Injection：
mooSocial 1.3 – Multiple Vulnerabilities：
osCommerce 2.3.4.1 – Remote Code Execution：