vendor:
Xenforo
by:
Furkan Karaarslan
N/A
CVSS
HIGH
Authenticated Stored XSS
79
CWE
Product Name: Xenforo
Affected Version From: 2.2.12
Affected Version To: 2.2.13
Patch Exists: NO
Related CWE:
CPE: a:xenforo:xenforo:2.2.13
Platforms Tested: Windows, Linux
2023
Xenforo Version 2.2.13 – Authenticated Stored XSS
This exploit allows an attacker to inject malicious JavaScript code into the Xenforo version 2.2.13 application. The vulnerability exists in the 'title' parameter of the '/admin.php?smilie-categories/0/save' endpoint, which does not properly sanitize user input. An authenticated user can exploit this vulnerability by submitting a crafted request with a malicious payload in the 'title' parameter. When the page is viewed by another user, the payload will be executed, leading to potential remote code execution or other malicious activities.
Mitigation:
To mitigate this vulnerability, the vendor should release a patch that properly sanitizes user input in the affected endpoint. Until a patch is available, users can mitigate the risk by implementing input validation and output encoding to prevent malicious code execution.