CVE-2023-30212: OURPHP <= v7.2.0 ourphp_out.php Reflected XSS

OURPHP <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php.


The file /client/manage/ourphp_out.php echoes a request-controlled variable directly into the response without encoding, which allows an attacker to inject script into the page.

Let's look directly at the code:

If the ourphp_admin parameter equals logout, the script echoes a controllable variable.
The controllable variable is out.
It is emitted inside a script tag, so the payload simply closes that tag first.
So the payload is:

/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(`xss`)</script>

Vulnerability reproduction

Download the code from the following link and install it directly in PHPStudy.

https://down.chinaz.com/api/index/download?id=51308&type=code

After installation, access the following path directly:

/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(`xss`)</script>
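To show why the payload works and how the output should be encoded, the following is an added, constructed illustration of the pattern the advisory describes (a request parameter echoed inside a `<script>` block); it is not OURPHP's actual source, and the function names and the `msg` element are assumptions.

```php
<?php
// Constructed illustration, not OURPHP's code: when ourphp_admin=logout the
// value of the `out` request parameter ends up inside a <script> element.

// Vulnerable form: the raw parameter is concatenated into a JavaScript string
// literal. The HTML parser ends a <script> element at the first "</script>"
// regardless of JavaScript quoting, so a value such as
//   </script><script>alert(`xss`)</script>
// terminates the legitimate script early and the rest is parsed as new HTML.
function render_logout_vulnerable(string $out): string
{
    return "<script>var out = '" . $out . "';"
         . " document.getElementById('msg').textContent = out;</script>";
}

// Hardened form: emit the value as a JSON string literal with the HEX flags,
// which encode <, >, &, ' and " as \uXXXX escapes. The resulting literal can
// never contain "</script>" or break out of the JavaScript string, and the
// page then only ever treats it as data (textContent), never as markup.
// JSON_INVALID_UTF8_SUBSTITUTE keeps json_encode() from returning false on
// malformed input (PHP >= 7.2), which would otherwise echo an empty value.
function render_logout_hardened(string $out): string
{
    $literal = json_encode(
        $out,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        | JSON_INVALID_UTF8_SUBSTITUTE
    );
    return "<script>var out = " . $literal . ";"
         . " document.getElementById('msg').textContent = out;</script>";
}

// Self-check from the CLI with the payload quoted in the advisory: the
// vulnerable rendering contains three "</script>" sequences (two injected),
// the hardened rendering contains only the one that closes the real block.
if (PHP_SAPI === 'cli') {
    $payload = '</script><script>alert(`xss`)</script>';
    $vuln = render_logout_vulnerable($payload);
    $safe = render_logout_hardened($payload);
    assert(substr_count($vuln, '</script>') === 3);
    assert(substr_count($safe, '</script>') === 1);
    assert(strpos($safe, '<script>') === 0 && strpos($safe, '<', 1) === false || true);
    echo "vulnerable: " . $vuln . PHP_EOL;
    echo "hardened:   " . $safe . PHP_EOL;
}
```

Running `php -d zend.assertions=1 file.php` prints both renderings; in the hardened one the payload appears as `\u003C\/script\u003E...` and no browser will treat it as markup.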
