إرسال #725384: Xinhu Xinhu OA V2.7.1 (earlier versions may also be affected) Stored Cross-Site Scripting (XSS)المعلومات

عنوانXinhu Xinhu OA V2.7.1 (earlier versions may also be affected) Stored Cross-Site Scripting (XSS)
الوصفXinhu OA V2.7.1 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability within the "Notice and Announcement" (通知公告) module. The vulnerability exists in the rock_page_gong.php file, where the fengmian (cover image) parameter accepts user-supplied input without any security filtering or sanitization. An attacker can inject a malicious XSS payload into a notice. When other users view the reminder information in the "Personal Center" (个人中心), the payload is executed in the user's browser. This could lead to session hijacking, unauthorized actions, or the execution of malicious code. Advisory / Exploit Vulnerability Point: Notice and Announcement - Add New Notice Trigger Point: Personal Center - Reminder Information - View Vulnerable Code Snippet (rock_page_gong.php): JavaScript c.setcolumns('fengmian',{ renderer:function(v){ if(!v)return '&nbsp;'; // The variable 'v' is directly concatenated into the HTML string return '<img src="'+v+'" height="60">'; } }); Proof of Concept (POC): An attacker can submit the following POST request with a malicious payload in the fengmian parameter: HTTP POST /index.php?a=save&m=mode_news|input&d=flow&ajaxbool=true&rnd=98122 HTTP/1.1 Host: [Target_Host] Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest Cookie: id=0&sxuanfileid=151&title=test&fengmian="x onerror="alert(1)"&typename=Security&... The injected onerror event triggers the JavaScript execution when the image fails to load. Company official website URL: http://www.rockoa.com/ Source code download address:http://www.rockoa.com/index.php?a=down&id=298
المستخدم
 BlackSpdier (UID 89912)
ارسال28/12/2025 11:05 AM (4 أشهر منذ)
الاعتدال04/01/2026 06:56 PM (7 days later)
الحالةتمت الموافقة
إدخال VulDB339493 [Xinhu Rainrock RockOA حتى 2.7.1 Cover Image rock_page_gong.php fengmian البرمجة عبر المواقع]
النقاط17

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!