forkcms

vulnerability xss
severity 5.4
language php
registry other

✍️ Description

The forkcms is vulnerable to XSS through adding new media.

🕵️‍♂️ Proof of Concept

Payload: <img src onerror=alert()>.

  1. With an authenticated user, access: http://localhost/private/en/media_library/media_item_index.

  2. Select the option Online movies (Youtube, Vimeo, ...) and click on Next.

  3. Select any source and put the payload into Movie id or Movie title.

  4. Click on Add movie.

PoC video

💥 Impact

JavaScript code execution, which allows stealing user session cookies.