目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CVE-2023-43873 PoC — e017 CMS 跨站脚本漏洞

来源
https://github.com/sromanhu/CVE-2023-43873-e107-CMS-Stored-XSS---Manage
关联漏洞
标题:e017 CMS 跨站脚本漏洞 (CVE-2023-43873)
Description:e017 CMS是e017的一个内容管理系统。 e017 CMS v.2.3.2版本存在跨站脚本漏洞。攻击者利用该漏洞通过特制的脚本对Manage Menu中的name字段执行任意代码。
Description
e107 2.3.2 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Name field in the Manage Menu.
介绍
# e107 CMS Stored XSS v2.3.2

## Author: (Sergio)

**Description:** Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu.

**Attack Vectors:** Scripting A vulnerability in the sanitization of the entry in the Name of "Manage" allows injecting JavaScript code that will be executed when the user accesses the web page.

---

### POC:


When logging into the panel, we will go to the "Manage" section off General Menu.

![XSS Name Home payload](https://github.com/sromanhu/e107-CMS-Stored-XSS---Manage/assets/87250597/0d43df62-7041-4a5b-b6b5-84fbccc1149e)




We edit that Site Settings that we have created and see that we can inject arbitrary Javascript code in the Name field.


### XSS Payload:

```js
<img src=1 onerror=alert("1")
```


In the following image you can see the embedded code that executes the payload in the main web.

![XSS Name result](https://github.com/sromanhu/e107-CMS-Stored-XSS---Manage/assets/87250597/6e18932b-b476-452d-9397-bf622cf2dc0e)



</br>

### Additional Information:
https://e107.org/

https://owasp.org/Top10/es/A03_2021-Injection/

https://owasp.org/www-community/attacks/xss/
文件快照

登录后查看神龙缓存的 POC 文件快照

登录查看
备注
    1. 建议优先通过来源进行访问。
    2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
    3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →