Store XSS in Widgets and pages in instantsoft/icms2
Reported on
Aug 25th 2023
Description I noticed that you filtered the comment very carefully.
But there are still some parts you missed
Proof of Concept
1 .Login with admin
2 .Go to "https://demo.instantcms.io/admin/widgets"
3 . Insert payload in Position name and Title
test" onmouseover = "alert(document.cookie)
4 .Click save , and detect store xss
Video Poc
https://drive.google.com/file/d/14rOcvhHlY7vmcCkks1fbl4KMt3XLd4lp/view?usp=sharing
Impact
This security vulnerability has the potential to steal multiple users' cookies, gain unauthorized access to that user's account through stolen cookies, or redirect the user to other malicious websites...
Hi, I have prepared a backup VideoPoc: https://drive.google.com/file/d/1k2dcISjPhhH4B5LeRIxGHiwCbmGVFf53/view?usp=drive_link
Hi @instantsoft/icms2, Hope you are interested in this report, thanks a lot.
This kind of XSS is not inherently XSS. Only formally. The site administrator, who has access to the admin area, will not do it himself. And even if his account is compromised, it makes no sense for an attacker to use XSS. I'll verify your report with only one meaning, to keep you searching. But you should familiarize yourself better with the CMS.
Yes. Can you specify a CVE for it. I need it for work. Thank you very much.
Hi @Fuza, can you specify the CVE for this report. I really need it for work. Thank you very much.
Hi @Fuze, can you specify the CVE for this report. I really need it for work. Thank you very much.
@Fuze, Can you help me with this problem? Thank you very much .