phpVibe < 4.20 Stored XSS

vendor:

phpVibe

by:

Filippos Mastrogiannis

7.5

CVSS

HIGH

Stored XSS

CWE

Product Name: phpVibe

Affected Version From: prior to 4.20

Affected Version To: 4.2

Patch Exists: YES

Related CWE: N/A

CPE: //a:phpvibe

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2020

This stored XSS vulnerability allows any logged in user to inject malicious code in the comments section. The vulnerability exists because the user input is not properly sanitized and this can lead to malicious code injection that will be executed on the target’s browser.

Mitigation:

The vendor has fixed the issue in the version 4.21

Source

Exploit-DB raw data:

# phpVibe < 4.20 Stored XSS

# Vendor Homepage: http://www.phpvibe.com
# Affected Versions: prior to 4.20

# Discovered by Filippos Mastrogiannis
# Twitter: @filipposmastro
# LinkedIn: https://www.linkedin.com/pub/filippos-mastrogiannis/68/132/177

-- Description --

This stored XSS vulnerability allows any logged in user
to inject malicious code in the comments section:
e.g. "><body onLoad=confirm("XSS")>

The vulnerability exists because the user input is not properly sanitized
and this can lead to malicious code injection that will be executed on the
target’s browser

-- Proof of Concept --

1. The attacker posts a new comment which contains our payload:
"><body onLoad=confirm("XSS")>

2. The stored XSS can be triggered when any user visits the link of the
uploaded content

-- Solution --

The vendor has fixed the issue in the version 4.21