header-logo
Suggest Exploit
vendor:
WonderCMS
by:
Mayur Parmar
8.8
CVSS
HIGH
Stored Cross-site scripting(XSS)
79
CWE
Product Name: WonderCMS
Affected Version From: 3.1.3
Affected Version To: 3.1.3
Patch Exists: NO
Related CWE: N/A
CPE: a:wondercms:wondercms:3.1.3
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: PopOS
2020

WonderCMS 3.1.3 – ‘page’ Persistent Cross-Site Scripting

Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc. The victim then retrieves the malicious script from the server when it requests the stored information. Stored XSS is also sometimes referred to as Persistent XSS. This vulnerability can results attacker to inject the XSS payload in Page keywords and each time any user will visits the website, the XSS triggers and attacker can able to steal the cookie according to the crafted payload.

Mitigation:

Input validation and output encoding should be used to prevent XSS attacks.
Source

Exploit-DB raw data:

# Exploit Title: WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting
# Date: 20-11-2020
# Exploit Author: Mayur Parmar
# Vendor Homepage: https://www.wondercms.com/
# Version: 3.1.3
# Tested on: PopOS

Stored Cross-site scripting(XSS):
Stored attacks are those where the injected script is permanently stored on the target servers,
such as in a database, in a message forum, visitor log, comment field, etc.
The victim then retrieves the malicious script from the server when it requests the stored information.
Stored XSS is also sometimes referred to as Persistent XSS.

Attack vector:
This vulnerability can results attacker to inject the XSS payload in Page keywords and each time any user will visits the website, the XSS triggers and attacker can able to steal the cookie according to the crafted payload.

Vulnerable Parameters: Page Title.

Steps-To-Reproduce:
1. Go to the Simple website builder.
2. Put this payload in Page keywords: Mayur"><img src=x onerror=confirm("XSS")>
3. Now go to the website and the XSS will be triggered.

Navigation

Suggest Exploit

Services By CQR