Submit #830013: Intelliants Subrion CMS 4.0.3 Cross Site Scriptinginfo

TitleIntelliants Subrion CMS 4.0.3 Cross Site Scripting
DescriptionStored Cross-Site Scripting (XSS) in endpoint Blocks field CSS class name Summary A Stored Cross-Site Scripting (XSS) vulnerability was identified in the Blocks endpoint of the Subrion CMS application. This vulnerability allows attackers to inject malicious scripts into the CSS class name field. The injected scripts are stored on the server and executed automatically. Details Vulnerable Endpoint: Blocks Parameter: CSS class name The application fails to properly validate and sanitize user inputs in the CSS class name field. This lack of validation allows attackers to inject malicious scripts, which are then stored on the server. PoC Step by Step: Access admin dashboard and click on "Edit Blocks" button: Image 1: https://hackmd.io/_uploads/HkIHzcmJfg.png In "Blocks" page, click on "Add Block" button to setup a new entry: Image 2: https://hackmd.io/_uploads/B1yUzcX1Ge.png Insert the payload in the "CSS class name" field and type anything on another required fields: Image 3: https://hackmd.io/_uploads/ByrIGq7kMg.png Scroll down and click on "Add": Image 4: https://hackmd.io/_uploads/S1o8m5Q1Ml.png The payload will be activated automatically: Image 5: https://hackmd.io/_uploads/SkktMqXyfg.png Payload: "><img src=x onerror=alert('CVE-Hunters2')> Impact Stealing session cookies: Attackers can use stolen session cookies to hijack a user's session and perform actions on their behalf; Downloading malware: Attackers can trick users into downloading and installing malware on their computers; Hijacking browsers: Attackers can hijack a user's browser or deliver browser-based exploits; Stealing credentials: Attackers can steal a user's credentials; Obtaining sensitive information: Attackers can obtain sensitive information stored in a user's account or in their browser; Defacing websites: Attackers can deface a website by altering its content. Finder Discovered by Karina Gante. Official Member of CVE-Hunters????
Source⚠️ https://hackmd.io/@noka/B1sue5Xkzl
User
 karinagante (UID 88113)
Submission05/14/2026 20:29 (1 month ago)
Moderation06/14/2026 13:47 (1 month later)
StatusAccepted
VulDB entry370845 [Intelliants Subrion CMS up to 4.0.3 Blocks Endpoint CSS class name cross site scripting]
Points20

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!