CVE-2023-3058: XSS injection vulnerability in user information · Issue #I76K4N · 零起飞/07FLYCRM客户关系管理系统 - Gitee.com

A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230560.


Vulnerability description:

In this system, any user can edit their own introduction:

![Input image description](https://foruda.gitee.com/images/1684415908267575831/ae9a8d90_12781014.png "Screenshot")

Although this field uses a textarea tag so that the submitted input is rendered as text, it can be bypassed by closing the tag. Payload: `</textarea><img src=1 onerror="alert(1);">`

![Input image description](https://foruda.gitee.com/images/1684415893088654952/a9f8e185_12781014.png "Screenshot")

After a successful injection a pop-up appears. When other users view this user's introduction, the script executes automatically.

Impact

A malicious attacker can use this injection point to inject arbitrary scripts, including stealing cookies, collecting user browser information, XSS worms, cross-site request forgery, and so on.
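The closing-tag bypass from the issue beside the output-encoding fix, as an added example in Python that is not code from the issue or from the 07FLY CRM code base (the function names, the `intro` field name and the sample bio are assumptions):

```python
import html
import re

# Constructed sample bio: the closing-tag payload described in the issue.
PAYLOAD = '</textarea><img src=1 onerror="alert(1);">'


def render_bio_textarea_vulnerable(bio: str) -> str:
    """'Before' rendering: the bio is concatenated raw into the textarea.
    A '</textarea>' inside the bio closes the element and anything after it
    is parsed as markup, which is exactly the bypass the issue reports."""
    return f'<textarea name="intro">{bio}</textarea>'


def render_bio_textarea_fixed(bio: str) -> str:
    """Hardened rendering: HTML-escape the bio so '<', '>' and quotes become
    entities and a '</textarea>' in the content can no longer close the tag."""
    return f'<textarea name="intro">{html.escape(bio, quote=True)}</textarea>'


def render_bio_profile_fixed(bio: str) -> str:
    """Profile page shown to other users: same escaping, with line breaks
    turned into <br> after escaping so the template never emits user markup."""
    escaped = html.escape(bio, quote=True)
    return '<p class="intro">' + escaped.replace('\n', '<br>') + '</p>'


# Matches any start or end tag; used to check what the rendered fragment contains.
TAG_RE = re.compile(r'<\s*/?\s*[a-zA-Z][^>]*>')
NAME_RE = re.compile(r'<\s*/?\s*([a-zA-Z][a-zA-Z0-9]*)')


def injected_tags(rendered: str, expected_tags: tuple) -> list:
    """Detection helper for template tests: return every tag in the rendered
    fragment whose name the template itself did not emit."""
    found = []
    for match in TAG_RE.finditer(rendered):
        name = NAME_RE.match(match.group(0)).group(1).lower()
        if name not in expected_tags:
            found.append(match.group(0))
    return found


if __name__ == '__main__':
    print(injected_tags(render_bio_textarea_vulnerable(PAYLOAD), ('textarea',)))
    print(injected_tags(render_bio_textarea_fixed(PAYLOAD), ('textarea',)))
```

Escaping at output time, as in the fixed functions, is the mitigation; rejecting the string on input is not enough, because the same bio is rendered both inside the edit form's textarea and on the profile page that other users see.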
