POC details: 5d7fbfba749197d517019c6f41b0b9ff737d8024

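Source
Related vulnerability
Title: CamaleonCMS security vulnerability (CVE-2024-48652)
Description: CamaleonCMS is an advanced dynamic content management system (CMS) built on Ruby on Rails by the CamaleonCMS team. CamaleonCMS v2.7.5 contains a security vulnerability: a cross-site scripting flaw that allows a remote attacker to execute arbitrary code via the content group name field.
Description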
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field
Introduction
# CVE-2024-48652
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field

Steps to Reproduce:

1. Open the URL: http://127.0.0.1/admin/dashboard

2. Log in using admin credentials.

3. Navigate to the "Settings" section.

4. Click on "Content Groups."

5. Choose the "Edit" option for a content group.

6. In the "Name" field, input the following XSS payload:

```html
"><img src=x onload=alert(1)>
```

7. Save the changes.

8. Refresh the page or navigate to another section.

9. The XSS payload will trigger, and an alert with "1" will pop up.

Vulnerability Type: Cross Site Scripting (XSS)

Vendor of Product: Camaleon-Cms

Affected Product Code Base: camaleon-cms - 2.7.5

Affected Component: Camaleon CMS Settings - Content Group Name Field

Attack Type: Remote

Attack Vectors:
The attack vector involves a logged-in admin user modifying the "Content Group" name field to include a malicious script. This script executes in the context of other users who view the affected content, leading to potential data theft or session hijacking.
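The stored name only becomes script when a view writes it into HTML without encoding. The following added example (not Camaleon CMS source and not part of the original README) renders the name from step 6 through two hypothetical edit-form templates, one raw and one HTML-encoded, and checks whether the value stays inside its attribute. The template strings and the helper names `render_field` and `contained?` are assumptions made for illustration.

```ruby
require 'erb'

# Constructed sample: the name value from step 6, as it would be stored.
STORED_NAME = %q{"><img src=x onload=alert(1)>}

# Hypothetical edit-form templates, not Camaleon CMS source. Plain ERB does no
# auto-escaping, so the first behaves like a Rails view that marks the value
# with `raw` or `html_safe`; the second HTML-encodes it before output.
UNSAFE_TEMPLATE = ERB.new('<input name="group[name]" value="<%= name %>">')
SAFE_TEMPLATE = ERB.new('<input name="group[name]" value="<%= ERB::Util.html_escape(name) %>">')

def render_field(template, name)
  template.result_with_hash(name: name)
end

# Matches markup that is exactly one <input> tag: quoted attribute values are
# consumed whole, so any content after the tag closes makes the match fail.
SINGLE_INPUT = /\A<input\b(?:[^"'>]|"[^"]*"|'[^']*')*>\z/

# True when the stored value stayed inside its quoted attribute and did not
# create new elements in the page.
def contained?(html)
  html.match?(SINGLE_INPUT)
end

if __FILE__ == $PROGRAM_NAME
  { 'unsafe' => UNSAFE_TEMPLATE, 'escaped' => SAFE_TEMPLATE }.each do |label, tpl|
    html = render_field(tpl, STORED_NAME)
    puts "#{label}: contained=#{contained?(html)}"
    puts "  #{html}"
  end
end
```

Rails views HTML-escape `<%= %>` output by default, so a check like `contained?` is useful as a regression test on any view or helper that opts out of that escaping for user-editable fields.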

Reference:

https://github.com/owen2345/camaleon-cms/blob/master/CHANGELOG.md

https://owasp.org/www-community/attacks/xss/

https://drive.google.com/drive/folders/1MdN4Nv0WKvD3oFANVsmBvWJtZslbYPAN?usp=sharing
File snapshot

[4.0K] /data/pocs/5d7fbfba749197d517019c6f41b0b9ff737d8024
├── [1.3K] README.md
└── [ 95K] xss_incamleon_cms.png

0 directories, 2 files