SofaWiki 3.9.2 Cross Site Scripting

SofaWiki version 3.9.2 suffers from a reflected cross-site scripting vulnerability.

Packet Storm
#xss #vulnerability #windows #php #auth
# Exploit Title: SofaWiki 3.9.2 - Reflected XSS (Authenticated) via Regex Replace Preview
# Date: 10/17/2024
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://www.sofawiki.com
# Software Link: https://www.sofawiki.com/site/files/snapshot.zip
# Version: 3.9.2
# Tested on: Windows XP

*Summary:*

A *reflected XSS* vulnerability exists in the *Regex Replace Preview* feature of SofaWiki. When a malicious payload is injected into the *Replace* field, the payload is executed immediately in the user's browser during the preview.

Proof of Concept (PoC):

1. Log in to SofaWiki.
2. Go to Special => Regex: http://localhost/sofawiki/index.php?action=view&name=special:regex&lang=en
3. In the Regex field, enter any text (e.g., test).
4. In the Replace field, inject the following payload: <script>alert('XSS');</script>
5. Click Replace Preview to trigger the XSS.
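The class of bug described above is closed by HTML-encoding the preview result at the point of output. The PHP sketch below is an added example, not SofaWiki's code and not part of the advisory; every function name, the `~` delimiter handling and the sample text are assumptions made for illustration.

```php
<?php
// Hypothetical sketch of a regex "replace preview" handler. All names here
// are assumptions for illustration; none are taken from SofaWiki's source.

// Encode a value for use in HTML text or inside a quoted attribute.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Shared step: apply the user's pattern and replacement to the raw text.
// Returns null when the pattern does not compile.
function apply_replace(string $pattern, string $replace, string $text): ?string
{
    // Simplification: '~' is used as the delimiter and escaped in the pattern.
    $regex = '~' . str_replace('~', '\~', $pattern) . '~u';
    return @preg_replace($regex, $replace, $text);
}

// Vulnerable shape: the result is concatenated into the page unencoded, so
// markup typed into the Replace field becomes part of the document.
function preview_unsafe(string $pattern, string $replace, string $text): string
{
    $out = apply_replace($pattern, $replace, $text);
    return '<div class="preview">' . ($out ?? 'Invalid pattern') . '</div>';
}

// Hardened shape: same replacement, but the result is encoded on output and
// is therefore displayed as text rather than parsed as markup.
function preview_safe(string $pattern, string $replace, string $text): string
{
    $out = apply_replace($pattern, $replace, $text);
    return '<div class="preview">' . h($out ?? 'Invalid pattern') . '</div>';
}

// Form fields echoed back after submission need the same encoding.
function field(string $name, string $value): string
{
    return '<input type="text" name="' . h($name) . '" value="' . h($value) . '">';
}

// Constructed sample input following the PoC steps on this page.
$pattern = 'test';
$replace = "<script>alert('XSS');</script>";
$text    = 'a test page';

echo preview_unsafe($pattern, $replace, $text), "\n"; // markup passes through
echo preview_safe($pattern, $replace, $text), "\n";   // markup is entity-encoded
echo field('replace', $replace), "\n";                // attribute value is encoded
```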