| タイトル | Mayan EDMS CMS 4.10 Cross Site Scripting |
|---|
| 説明 | A DOM-based Cross-Site Scripting (XSS) vulnerability was identified in the Mayan EDMS web interface. The application reflects user-controlled data directly into a JavaScript context without proper sanitization, allowing an attacker to execute arbitrary JavaScript in the victim’s browser.
This issue can lead to account takeover, data exfiltration, privilege escalation, or full compromise of the affected user session.
The vulnerable code is located in the client-side template rendering logic responsible for handling dynamic navigation:
'''
<script> if (typeof partialNavigation === 'undefined') { document.write('<script type="text/undefined">') const currentLocation = '#' + window.location.pathname + window.location.search; const url = new URL(currentLocation, window.location.origin) window.location = url; } </script>
'''
User-controlled data from window.location is passed into JavaScript without sanitization, which makes it possible to inject executable code.
|
|---|
| ソース | ⚠️ https://github.com/ionutluca888/Mayan-EDMS-XSS-POC |
|---|
| ユーザー | luca_irinel (UID 85391) |
|---|
| 送信 | 2025年12月10日 09:43 (5 月 ago) |
|---|
| モデレーション | 2025年12月14日 11:41 (4 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 336409 [Mayan EDMS 迄 4.10.1 /authentication/ クロスサイトスクリプティング] |
|---|
| ポイント | 20 |
|---|