Stored Cross-Site Scripting in Backdrop CMS 1.23.0 - Post Body Field - exploit.company
Vendor: Backdrop CMS
By: Sinem Şahin
CVSS: 6.1 (HIGH)
Stored Cross-Site Scripting
CWE: 79
Product Name: Backdrop CMS
Affected Version From: 1.23.0
Affected Version To: 1.23.0
Patch Exists: NO
Related CWE: CVE-2023-XXXX (Not assigned yet)
CPE: a:backdrop_cms:backdrop:1.23.0
Metasploit:
Platforms Tested: Windows & XAMPP
2023

Stored Cross-Site Scripting in Backdrop CMS 1.23.0 – Post Body Field

An attacker can exploit a stored Cross-Site Scripting vulnerability in Backdrop CMS 1.23.0 by inserting malicious scripts into the body of a post. By crafting a specific payload and saving the post, the attacker can execute arbitrary scripts in the context of other users' browsers.

Mitigation:

To mitigate this issue, sanitize user inputs to prevent the insertion of scripts. Additionally, implement Content Security Policy (CSP) headers to reduce the impact of successful XSS attacks.

Exploit-DB raw data:

# Exploit Title: Backdrop CMS 1.23.0 - Stored Cross-Site Scripting - Post Body Field
# Date: 2023-08-21
# Exploit Author: Sinem Şahin
# Vendor Homepage: https://backdropcms.org/
# Version: 1.23.0
# Tested on: Windows & XAMPP

==> Tutorial <==

1- Go to the following URL. => http://(HOST)/backdrop/node/add/post
2- Write your XSS payload in the body of the post. The formatting option should be set to RAW HTML.
3- Press the "Save" button.

XSS Payload ==> "<script>alert("post_body")</script>