sromanhu / CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu

RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Main Menu - Items in the Administration Menu


Rite CMS v3.0 Multiple Stored XSS

Author: (Sergio)

Description: Rite CMS 3.0 is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload submitted to the Main Menu - Items form in the Administration Menu.

Attack Vector (CVSS 3.x): AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L


POC:

After logging into the panel, go to the "Administration - Menus - Main Menu" section.

Click the Add item button and enter the XSS payload in the Name, Title, Link and Accesskey fields.

[Screenshot: XSS menu endpoint payload]

XSS Payload:

'"><svg/onload=prompt('Name')>

The following images show the injected code executing when the payload is rendered in the main website.

[Screenshots: XSS result in the Name, Title, Link and Accesskey fields]
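As an added illustration (not RiteCMS's own code, which is PHP; this is a language-neutral sketch in Python), here is the defect class behind this advisory beside its fix: a menu renderer that concatenates the stored Name, Title, Link and Accesskey fields unchanged, next to one that applies contextual output encoding, a URL allow-list and accesskey validation, plus an audit helper a site owner could run over already-stored menu items after patching. The `MenuItem` structure, the function names and the sample items are assumptions constructed here; the payload is the one from the PoC above.

```python
import html
import re
from dataclasses import dataclass

# Constructed sample data: the PoC payload stored in every field of one
# menu item, beside a benign item.
PAYLOAD = "'\"><svg/onload=prompt('Name')>"


@dataclass
class MenuItem:
    """Assumed shape of a stored main-menu item (not RiteCMS's schema)."""
    name: str
    title: str
    link: str
    accesskey: str


SAMPLE_ITEMS = [
    MenuItem(PAYLOAD, PAYLOAD, PAYLOAD, PAYLOAD),
    MenuItem("Home", "Home page", "/", "h"),
]


def render_vulnerable(item: MenuItem) -> str:
    """Illustrates the defect class: stored fields are concatenated into the
    menu markup unchanged, so the payload lands in the public page intact."""
    return (f'<a href="{item.link}" title="{item.title}" '
            f'accesskey="{item.accesskey}">{item.name}</a>')


def safe_link(url: str) -> str:
    """Allow only http(s) URLs, site-relative paths, fragments and queries;
    anything else (javascript: URLs, attribute break-outs) becomes '#'."""
    if re.match(r"^(https?://|/|#|\?)", url, re.I):
        return html.escape(url, quote=True)
    return "#"


def safe_accesskey(key: str) -> str:
    """An accesskey is one alphanumeric character; everything else is dropped."""
    return key if re.fullmatch(r"[A-Za-z0-9]", key) else ""


def render_hardened(item: MenuItem) -> str:
    """Same markup with contextual output encoding: attribute values and text
    are HTML-escaped (quotes included), the link is allow-listed and the
    accesskey validated, so stored markup is displayed rather than executed."""
    key = safe_accesskey(item.accesskey)
    key_attr = f' accesskey="{key}"' if key else ""
    return (f'<a href="{safe_link(item.link)}" '
            f'title="{html.escape(item.title, quote=True)}"'
            f'{key_attr}>{html.escape(item.name, quote=True)}</a>')


# Heuristic for auditing already-stored menu items after patching: flags tag
# openers, inline event handlers and javascript: URLs in any field.
SUSPICIOUS = re.compile(r"<[a-z!/]|\bon\w+\s*=|javascript:", re.I)


def audit_items(items):
    """Return (index, field) pairs whose stored value looks like markup."""
    findings = []
    for i, item in enumerate(items):
        for field in ("name", "title", "link", "accesskey"):
            if SUSPICIOUS.search(getattr(item, field)):
                findings.append((i, field))
    return findings


if __name__ == "__main__":
    for item in SAMPLE_ITEMS:
        print("vulnerable:", render_vulnerable(item))
        print("hardened:  ", render_hardened(item))
    print("audit findings:", audit_items(SAMPLE_ITEMS))
```

The hardened renderer encodes at output time for the exact HTML context (attribute value or element text) rather than trying to strip "bad" input, which is the durable fix for stored XSS; the input-side checks on the link and accesskey exist because those fields have a narrow legitimate grammar. The audit regex is deliberately broad and will produce false positives on ordinary text containing "<" or a word ending in "on=", so treat its hits as items to review, not as confirmed compromise.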

