SofaWiki 3.9.2 Cross Site Scripting
2024-10-17 21:43:19 Author: packetstormsecurity.com(查看原文) 阅读量:2 收藏

# Exploit Title: SofaWiki 3.9.2 - Stored XSS (Authenticated)
# Date: 10/17/2024
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://www.sofawiki.com
# Software Link: https://www.sofawiki.com/site/files/snapshot.zip
# Version: 3.9.2
# Tested on: Windows XP

Summary:

A stored XSS exists in SofaWiki's Open Ticket feature. An authenticated
user can inject a JavaScript payload into the ticket's title field, which
triggers whenever the ticket is viewed.

Proof of Concept (PoC):

1. Login and go to New Ticket:

http://localhost/sofawiki/index.php?name=special:tickets&ticketaction=new

2. Use this payload in the Title field:
<script>alert('XSS');</script>

3. Click Open Ticket the alert will be triggered.
The payload runs each time the ticket is opened.


文章来源: https://packetstormsecurity.com/files/182272/sofawiki392-xss.txt
如有侵权请联系:admin#unsafe.sh