CVE-2023-43341: GitHub - sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-: Evolution CMS 3.2.3 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbi

Evolution CMS Reflected XSS v3.2.3****Author: (Sergio)

Description: A cross-site scripting (XSS) reflected vulnerability in the evolution v.3.2.3 installation process connection allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the uid parameter.

Attack Vectors: A vulnerability in the sanitization of the uid parameter of the Database installation process allows JavaScript code to be injected.

POC:

During the installation process we enter the XSS payload in the uid parameter and when we click on next, we will obtain the XSS pop-up.

XSS Payload:

'"><svg/onload=alert(‘XSS’)>

In the following image you can see the embedded code that executes the payload in the instalaltion process.

And the result will be reflected with the pop-up of the following evidence:

Additional Information:

https://evo.im/