Vendor: dotcms
By: Hardik Solanki
CVSS: 8.8 (HIGH)
Stored Cross-Site Scripting
CWE: 79
Product Name: dotcms
Affected Version From: 20.11
Affected Version To: 20.11
Patch Exists: No
Related CWE: N/A
CPE: a:dotcms:dotcms
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10
2020

DotCMS 20.11 – Stored Cross-Site Scripting

DotCMS 20.11 is vulnerable to stored cross-site scripting (XSS) in the Template Title parameter. An attacker can inject malicious JavaScript code into the Template Title parameter, which will be executed when the template is viewed. This can be used to steal cookies, hijack sessions, and perform other malicious activities.

Mitigation:

To mitigate this vulnerability, input validation should be performed on the Template Title parameter to ensure that no malicious JavaScript code is being injected.
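The mitigation above, as an added example that is not dotCMS code or part of the original advisory: it validates the Template Title on input and goes one step beyond the text by also HTML-encoding stored titles when the template list is rendered, so a title saved before validation existed is shown as text. All function names, the allow-list and the length limit are assumptions made for illustration.

```javascript
'use strict';
// Added example: hypothetical helpers, not taken from the dotCMS code base.

const MAX_TITLE_LENGTH = 255; // assumed limit, not a dotCMS value

// Input side: allow-list of letters, digits, spaces and a little punctuation.
// Angle brackets, quotes, ampersands and control characters are not accepted.
const TITLE_ALLOWED = /^[\p{L}\p{N} _.,()\-]+$/u;

function validateTemplateTitle(title) {
  if (typeof title !== 'string') return { ok: false, reason: 'not a string' };
  // Normalise first so compatibility forms are judged in their folded form.
  const t = title.normalize('NFKC').trim();
  if (t.length === 0) return { ok: false, reason: 'empty' };
  if (t.length > MAX_TITLE_LENGTH) return { ok: false, reason: 'too long' };
  if (!TITLE_ALLOWED.test(t)) return { ok: false, reason: 'disallowed characters' };
  return { ok: true, value: t };
}

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Output side: encode for an HTML text or quoted-attribute context.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Every stored title is encoded when the list is built, including rows
// that were written before input validation was in place.
function renderTemplateList(titles) {
  const rows = titles.map((t) => `<tr><td class="title">${escapeHtml(t)}</td></tr>`);
  return `<table>${rows.join('')}</table>`;
}

// Constructed sample data: a benign title and the payload string from the
// reproduction steps, standing in for a row that is already in the database.
const PAYLOAD = '<script>alert(document.cookie)</script>';
const storedTitles = ['Landing page (v2)', PAYLOAD];

console.log(validateTemplateTitle(PAYLOAD));
console.log(validateTemplateTitle('Landing page (v2)'));
console.log(renderTemplateList(storedTitles));
```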

Exploit-DB raw data:

# Exploit Title: DotCMS 20.11 - Stored Cross-Site Scripting
# Exploit Author: Hardik Solanki
# Vendor Homepage: https://dotcms.com/
# Version: 20.11
# Tested on Windows 10

Vulnerable Parameters: Template Title

Steps to reproduce:
1. Log in with admin username and password.
2. Navigate to Site --> Template --> Add Template Designer.
3. Enter the payload <script>alert(document.cookie)</script> in Template Title.
4. Now navigate to Site --> Template. We could see that our payload gets executed, and hence it is executed every time.