Giters

sromanhu / CVE-2023-43876-October-CMS-Reflected-XSS---Installation

October CMS 3.4.16 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

October CMS Reflected XSS v3.4.16

Author: (Sergio)

Description: Cross-Site Scripting (XSS) vulnerabilitiy in installation of October v.3.4.16 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

Attack Vectors: A vulnerability in the installation sanitation in the dbhost field allows JavaScript code to be injected.

POC:

During the installation process we enter the XSS payload in dbhost field and when we click on next, we will obtain the XSS pop-up

XSS Payload:

'"><svg/onload=prompt('dbhost')>

XSS Dbhost payload

In the following image you can see the embedded code that executes the payload in the instalaltion process.

dbhost


Additional Information:

https://octobercms.com/

https://owasp.org/Top10/es/A03_2021-Injection/

About

October CMS 3.4.16 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.