Security
Headlines

CVE-2022-25582: Vulscve/classcms2.5-xss.md at master · k0xx11/Vulscve

A stored cross-site scripting (XSS) vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field.

CVE
#xss#vulnerability#web#js#git

Stored XSS exists in all three column modules of column management in ClassCMS v2.5.

payload: <script>alert(1)</script>

Click Manage -> click Column Management -> select the third column (Articles) and then click Manage.


Click Add.


Enter the payload and click Add.


Open the editor again.


Click Save again.


Visit the home page: the stored payload is executed.


If the article title is set to '1.' followed by the payload, the payload is also executed.

When the title is entered as '1.<script>alert(1)</script>', the article title displayed on the home page becomes '1.', which shows that the JS code after '1.' was executed rather than rendered as text.
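The observation above (the home page shows only "1." because the rest of the title is parsed as a script element) is the direct consequence of concatenating a stored value into HTML without output encoding. The following added example, which is not ClassCMS code and does not touch the project's own templates, models the two rendering patterns in Python, uses the standard-library HTML parser to show what a browser would display in each case, and includes a small defender-side audit that flags stored titles containing raw markup. The `Article` record and the sample row are constructed for the example; the title value is the one from the write-up.

```python
import html
import re
from dataclasses import dataclass
from html.parser import HTMLParser


@dataclass
class Article:
    """Constructed stand-in for a CMS article row (not the ClassCMS schema)."""
    title: str
    body: str


# Constructed sample row; the title mirrors the payload described in the write-up.
SAMPLE = Article(title="1.<script>alert(1)</script>", body="<p>hello</p>")


def render_title_unsafe(article: Article) -> str:
    """Vulnerable pattern: stored title is concatenated into HTML verbatim."""
    return f"<h2>{article.title}</h2>"


def render_title_safe(article: Article) -> str:
    """Hardened pattern: HTML-escape on output so markup becomes inert text."""
    return f"<h2>{html.escape(article.title, quote=True)}</h2>"


class _VisibleText(HTMLParser):
    """Collects the text a browser would display, skipping script bodies."""

    def __init__(self) -> None:
        super().__init__()
        self.parts: list[str] = []
        self.in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        # Entities such as &lt; are already decoded here (convert_charrefs=True),
        # so escaped markup comes back as literal text, which is what we want to see.
        if not self.in_script:
            self.parts.append(data)


def visible_text(fragment: str) -> str:
    """Approximate what the page shows for an HTML fragment."""
    parser = _VisibleText()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.parts)


# Matches an opening or closing HTML tag anywhere in a stored string.
TAG_RE = re.compile(r"<\s*/?\s*[a-zA-Z][^>]*>")


def find_markup_in_store(articles) -> list[str]:
    """Audit helper: return titles that contain raw HTML tags.

    A title field should never legitimately hold markup, so any hit is worth
    reviewing after a report like this one.
    """
    return [a.title for a in articles if TAG_RE.search(a.title)]


if __name__ == "__main__":
    print("unsafe render :", render_title_unsafe(SAMPLE))
    print("  displayed as:", repr(visible_text(render_title_unsafe(SAMPLE))))
    print("safe render   :", render_title_safe(SAMPLE))
    print("  displayed as:", repr(visible_text(render_title_safe(SAMPLE))))
    print("titles w/ tags:", find_markup_in_store([SAMPLE, Article("plain", "")]))
```

Running the script shows the unsafe render displaying only "1." (the script element is parsed, not shown), while the escaped render displays the whole title literally. The audit regex is deliberately broad; a real query would run it over the column-management tables the write-up names.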

