Plone CMS 5.2.3 – ‘Title’ Stored XSS

Exploit Database
84 阅读

作者： Piyush Patil

日期： 2021-03-19
类别：
- webapps
平台：
- multiple
来源：https://www.exploit-db.com/exploits/49668/

# Exploit Title: Plone CMS 5.2.3 - 'Title' Stored XSS
# Date: 18-03-2021
# Exploit Author: Piyush Patil
# Vendor Homepage: https://plone.com/
# Software Link: https://github.com/plone/Products.CMFPlone/tags
# Version: 5.2.3
# Tested on: Windows 10


# Reference - https://github.com/plone/Products.CMFPlone/issues/3255

Steps to reproduce the issue:
1- Goto https://localhost/ where Plone 5.2.3 version is installed.
2- Click on "Log in now" and Login as "Manager"
3- Navigate to Manager=>Site Setup=>Site
4- Edit "Site title" field to "xyz<ScRiPt>alert(1)</ScRiPt>"

last Exploits
Plone CMS 5.2.3 – ‘Title’ Stored XSS的更多信息

DBCart – ‘article.php’ SQL Injection：
xWeblog 2.2 – ‘oku.asp?makale_id’ SQL Injection：
chCounter – indirect SQL Injection / Cross-Site Scripting：
bbPress 1.0.2 – Cross-Site Request Forgery (Change Admin Password)：
SpamTitan 7.07 – Remote Code Execution (Authenticated)：
Simple Grocery Store Sales And Inventory System 1.0 – Authentication Bypass：
Flexible Poll 1.2 – SQL Injection：
ProMan 0.1.1 – Multiple File Inclusions：