Giters

sromanhu / CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager

CMSmadesimple 2.2.18 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CMSmadesimple File Upload - XSS v2.2.18

Author: (Sergio)

Description: File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden XSS.

Attack Vectors: A vulnerability in File Manager file upload sanitation allows you to upload a PDF file with hidden XSS.

POC:

When logging into the panel, we will go to the "Content- File Manager." section off General Menu.

XSS pdf file upload

We upload the PDF file with the hidden XSS and we see that we can execute it and the Reflected XSS appears.

XSS pdf file upload resultado


Additional Information:

http://www.cmsmadesimple.org/

https://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.html

About

CMSmadesimple 2.2.18 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up