Submit #607201: ShopXO 6.5.0 Cross Site Scriptinginfo

TitelShopXO 6.5.0 Cross Site Scripting
BeschreibungSummary A Reflected Cross-Site Scripting (XSS) vulnerability exists in ShopXO 6.5.0, allowing attackers to inject arbitrary JavaScript via the lang parameter. The vulnerability occurs due to insufficient input sanitization in multilingual support functionality, where user-supplied input is directly embedded into JavaScript code without proper escaping. Details The lang parameter value is directly inserted into JavaScript code without proper escaping for single quotes ('). While the parameter is used to set a JavaScript variable, the lack of proper sanitization allows breaking out of the string context and injecting arbitrary code. Vulnerable Code Locations: app/index/view/default/public/header.html app/admin/view/default/public/header.html app/install/view/public/header.html Vulnerable Code Snippet: <script> {{if !empty($lang_data)}} {{foreach $lang_data as $k=>$v}} {{if !empty($k) and isset($v) and !is_array($v)}} var lang_{{$k}} = '{{$v}}'; {{/if}} {{/foreach}} {{/if}} ... ``` # Proof of Concept (PoC) http://target-ip/?lang=1%27;alert(234);var%20__test__=%271 # Impact Session Hijacking: Steal admin/user cookies via `document.cookie`. Phishing Attacks: Inject fake login forms or redirect users. Privilege Escalation: Modify admin settings if exploited in the backend.
Quelle⚠️ https://github.com/gongfuxiang/shopxo/issues/89
Benutzer
 jiashenghe (UID 39445)
Einreichung01.07.2025 08:23 (vor 10 Monaten)
Moderieren12.07.2025 23:26 (12 days later)
StatusAkzeptiert
VulDB Eintrag316265 [ShopXO bis 6.5.0 header.html lang/system_type Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Want to know what is going to be exploited?

We predict KEV entries!