header-logo
Suggest Exploit
vendor:
Dolphin
by:
Piyush Patil
8.8
CVSS
HIGH
Stored XSS
79
CWE
Product Name: Dolphin
Affected Version From: 7.4.2
Affected Version To: 7.4.2
Patch Exists: Yes
Related CWE: N/A
CPE: a:boonex:dolphin
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10
2021

Boonex Dolphin 7.4.2 – ‘width’ Stored XSS

A stored XSS vulnerability exists in Boonex Dolphin 7.4.2. An attacker can inject malicious JavaScript code into the 'width' parameter of the 'Pages Builder' page. This code will be executed when an authenticated user visits the page. An attacker can use this vulnerability to steal cookies and gain access to the user's account.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should update to the latest version of Boonex Dolphin.
Source

Exploit-DB raw data:

# Exploit Title: Boonex Dolphin 7.4.2 - 'width' Stored XSS
# Date: 18-03-2021
# Exploit Author: Piyush Patil
# Vendor Homepage: https://www.boonex.com/
# Software Link: https://www.boonex.com/downloads
# Version: 7.4.2
# Tested on: Windows 10

# Reference - https://github.com/xoffense/POC/blob/main/Boonex%20Dolphin%20CMS%207.4.2%20%20stored%20XSS

Steps to Reproduce Bug:
1- Login to Admin Panel
2- Goto "Builders" => "Pages Builder"
3- Select any page
4- Turn on Burp Suite Intercept and Change "other pages width" to "1081px</script><script>alert(document.cookie)</script>"

Navigation

Suggest Exploit

Services By CQR