EasyCMS 1.3 CVE-2018-10527 – Cross-site scripting

Authors:starnightcyber      Risk:High

CVE:CVE-2018-10527         0day:Cross-site scripting

0day -id:0DAY-176125        Date:2018-04-30

Description

EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields are affected: title, keyword, abstract, and content, as demonstrated by the /admin/index/index.html#listarticle URI.

Analysis

Steps To Reproduce:
1、Login the backstage:
http://localhost/EasyCMS-master//index.php?s=/admin/login/login.html
2、Before post an article, you need to create an article classification, now we have class – “a”
image
3、Then post a new article or edit an existing one
image
4、No 1.2.3.4 is a simple test to check whether field is vulnerable to stored xss
a)tilte filed
image
b)keyword field
image
Then go to the site front page : http://localhost/EasyCMS-master/
c)abstract field
image
Then click the article to see more
d)content filed
image
The Above four fields are prone to store xss attack

Leave a Reply