CVE-2023-24369: XSS attacks may occur on the UJCMS · Issue #3 · ujcms/ujcms

A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function.

CVE
#xss#vulnerability#web#js#java

Hello, I found that when ujcms V4.1.3 of your company adds articles in the background, the redirection link is selected, and the URL is not verified when the new window is opened without checking the check box. The javascript: pseudo-protocol is used to carry out a cross-site attack. When the viewer clicks on the article, the cross-site attack is triggered. The user’s browser control permissions and sensitive information can be obtained in this way.

Specific steps: When adding new articles, go to the URL field and input javascript:alert(1). Click Save. When clicking the new article in the foreground, JS events can be triggered.

Suggestion: If you want to add a forward link, verify the location of the forward URL in the system, for example, limit it to HTTP or HTTPS.
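The allowlist check the reporter suggests, as an added example written for this page rather than code from the UJCMS project: the redirect URL is parsed with the WHATWG `URL` parser (the same normalisation a browser applies when the link is clicked) and accepted only if its scheme is http or https. The sample inputs are constructed.

```javascript
// Added example, not UJCMS code: reject a stored redirect link unless its scheme is
// http(s), so a "javascript:" (or data:/vbscript:) link saved on an article cannot
// run script in a visitor's browser when the article is clicked.
const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);

function isSafeRedirectUrl(raw) {
  if (typeof raw !== "string" || raw.trim() === "") return false;
  let url;
  try {
    url = new URL(raw); // throws on relative or malformed input (no base given)
  } catch {
    return false; // no absolute scheme: reject rather than guess
  }
  // The WHATWG parser lower-cases the scheme and strips tabs/newlines and leading
  // whitespace, so "JaVaScRiPt:", "java\tscript:" and "  javascript:" all
  // normalise to "javascript:" and fail the allowlist, exactly as a browser would
  // treat them when following the link.
  return ALLOWED_PROTOCOLS.has(url.protocol) && url.hostname !== "";
}

// Constructed sample inputs modelled on the issue's payload and common variants.
const SAMPLE_LINKS = [
  "https://example.com/news/1",
  "http://example.com",
  "javascript:alert(1)",
  "JaVaScRiPt:alert(1)",
  "java\tscript:alert(1)",
  "  javascript:alert(1)",
  "data:text/html,<script>alert(1)</script>",
  "/relative/path",
];

// Returns [link, accepted] pairs so a reviewer can see each decision.
function classifyLinks(links) {
  return links.map((link) => [link, isSafeRedirectUrl(link)]);
}

for (const [link, ok] of classifyLinks(SAMPLE_LINKS)) {
  console.log(`${ok ? "ACCEPT" : "REJECT"}  ${JSON.stringify(link)}`);
}
```

Relative links are rejected here on purpose; if the CMS wants to allow them, resolve them against the site's own origin first and then run the same scheme check.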
