Headline
SofaWiki 3.9.2 Cross Site Scripting
SofaWiki version 3.9.2 suffers from a persistent cross site scripting vulnerability.
# Exploit Title: SofaWiki 3.9.2 - Stored XSS (Authenticated)# Date: 10/17/2024# Exploit Author: Chokri Hammedi# Vendor Homepage: https://www.sofawiki.com# Software Link: https://www.sofawiki.com/site/files/snapshot.zip# Version: 3.9.2# Tested on: Windows XPSummary:A stored XSS exists in SofaWiki's Open Ticket feature. An authenticateduser can inject a JavaScript payload into the ticket's title field, whichtriggers whenever the ticket is viewed.Proof of Concept (PoC):1. Login and go to New Ticket:http://localhost/sofawiki/index.php?name=special:tickets&ticketaction=new2. Use this payload in the Title field:<script>alert('XSS');</script>3. Click Open Ticket the alert will be triggered.The payload runs each time the ticket is opened.