Vendor: CMSimple
By: Quadron Research Lab
CVSS: 8.8 (HIGH)
Type: Stored XSS
CWE: 79
Product Name: CMSimple
Affected Version From: 5.2
Affected Version To: 5.2
Patch Exists: NO
Related CWE: N/A
CPE: a:cmsimple:cmsimple:5.2
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 x64 HUN/ENG Professional
2021

CMSimple 5.2 – ‘External’ Stored XSS

CMSimple 5.2 allows stored XSS via the Settings > CMS > Filebrowser > 'External:' input field. The 'External:' input field of the CMSimple 'Filebrowser' settings does not filter special characters, so it is possible to place JavaScript code in it. The JavaScript code placed here is executed when the Page or Files tab is clicked.

Mitigation:

Input validation should be used to prevent XSS attacks.
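
The mitigation above, as an added example that is not CMSimple's code or part of the original advisory: allowlist validation when the 'External:' setting is saved, plus context-specific encoding when the stored value is rendered. The function names are hypothetical, and the example assumes the setting only ever needs to hold a short identifier such as a folder name.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers, not CMSimple functions. Assumption: the "External:"
// setting only ever needs to hold a short identifier such as a folder name.

/** Validate on save: allowlist instead of trying to strip bad characters. */
function validate_external_setting(string $raw): ?string
{
    $value = trim($raw);
    if ($value === '') {
        return '';                      // empty means "no external filebrowser"
    }
    // Letters, digits, underscore, hyphen; 1-64 chars. Anything else is rejected.
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $value) === 1 ? $value : null;
}

/** Encode on output for HTML text and quoted attribute values. */
function html_out(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Encode on output for an inline <script> context (yields a JS string literal). */
function js_out(string $value): string
{
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

// Constructed sample inputs: one plain identifier, one carrying markup characters.
$samples = ['my_filebrowser', 'x"><script>/* constructed */</script>'];

foreach ($samples as $raw) {
    $stored = validate_external_setting($raw);
    printf("input:    %s\n", $raw);
    printf("on save:  %s\n", $stored === null ? 'REJECTED' : "accepted as '$stored'");
    // Values stored before validation existed must still be encoded when rendered.
    printf("html ctx: <input name=\"external\" value=\"%s\">\n", html_out($raw));
    printf("js ctx:   var external = %s;\n\n", js_out($raw));
}
```

Validation alone does not cover values already stored in the configuration, which is why the output encoders are applied to the raw value as well.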

Exploit-DB raw data:

# Exploit Title: CMSimple 5.2 - 'External' Stored XSS
# Date: 2021/04/07
# Exploit Author: Quadron Research Lab
# Version: CMSimple 5.2
# Tested on: Windows 10 x64 HUN/ENG Professional
# Vendor: https://www.cmsimple.org/en/

[Description]
CMSimple 5.2 allows stored XSS via the Settings > CMS > Filebrowser > "External:" input field.

[Attack Vectors]
The CMSimple CMS "Filebrowser" "External:" input field does not filter special chars. It is possible to place JavaScript code.
The JavaScript code placed here is executed by clicking on the Page or Files tab.

[Proof of Concept]
https://github.com/Quadron-Research-Lab/CVE/blob/main/CMSimple_5.2_XSS.pdf