Cross-site Scripting (XSS) - Stored in zoujingli/thinkadmin

Valid

Reported on

Sep 14th 2021


Description

Stored xss via name

Proof of Concept

1. First goto https://v6.thinkadmin.top/admin.html#/admin/base.html?type=datea&spm=m-2-4-8 and edit a data and put bellow xss payload in Data name field .

xss"'><img src=x onerror=alert(document.domain)>

Now see xss is executed

VIEDO

https://drive.google.com/file/d/1_SwUpjNFjkmlPib8FxcVRYOWX6OASYn8/view?usp=sharing

Impact

stored xss

We have contacted a member of the zoujingli/thinkadmin team and are waiting to hear back 9 days ago
邹景立 validated this vulnerability 9 days ago
ranjit-git has been awarded the disclosure bounty
The fix bounty is now up for grabs
邹景立 confirmed that a fix has been merged on 307071 9 days ago
邹景立 has been awarded the fix bounty
邹景立
9 days ago

Maintainer


Use composer to update the thinklibrary component.

https://github.com/zoujingli/ThinkLibrary/blob/v6.0/src/helper/PageHelper.php#L117

邹景立
9 days ago

Maintainer


https://github.com/zoujingli/ThinkAdmin#%E9%97%AE%E9%A2%98%E4%BF%AE%E5%A4%8D