October CMS User Plugin 1.4.5 – Persistent Cross-Site Scripting

Authors:0XB9                 Risk:High

CVE:CVE-2018-10366          0day:Cross-Site Scripting

0day -id:0DAY-176105         Date:2018-04-27

Overview

An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.

POC

# Exploit Title: October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting
# Date: 2018-04-03
# Author: 0xB9
# Software Link: https://octobercms.com/plugin/rainlab-user
# Version: 1.4.5
# Tested on: Ubuntu 17.10
# CVE: CVE-2018-10366


Persistent XSS
- Go to the account page localhost/OctoberCMS/account/
- Register & enter the following for your full name <p """><SCRIPT>alert("XSS")</SCRIPT>">
- You will be alerted everytime you visit the account page localhost/OctoberCMS/account/

Solution

Update to 1.4.6

Leave a Reply