Associated vulnerability
Title:
Vanilla cross-site scripting vulnerability
(CVE-2020-8825)
Description: A cross-site scripting vulnerability exists in index.php?p=/dashboard/settings/branding in Vanilla 2.6.3. The vulnerability stems from the web application's lack of proper validation of client-supplied data. An attacker could exploit it to execute client-side code.
Description
VanillaForum 2.6.3 allows stored XSS.
Introduction
# CVE-2020-8825
<p align="center">
<img src="https://github.com/hacky1997/CVE-2020-8825/blob/master/cve.jpg" alt="cve">
</p>
## Publish:
[CVE-2020-8825](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8825)
## Vendor:
PHP VanillaForum
## Description:
The vulnerability exists due to insufficient sanitization of user-supplied data passed to the "index.php?p=/dashboard/settings/branding" URL. A remote attacker can permanently inject (stored XSS) and execute arbitrary HTML and script code in a user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
## Environment:
Version: 2.6.3
OS: Windows 10, Linux
PHP: 7
URL: index.php?p=/dashboard/settings/branding
## Proof of Concept:
<p align="center">
<img src="https://github.com/hacky1997/CVE-2020-8825/blob/master/vanilla.png" alt="vanilla">
</p>
## Assigned by:
[Sayak Naskar](https://github.com/hacky1997/)
File snapshot
[4.0K] /data/pocs/afff47f397080e2ce50316617020c31d89af3a4d
├── [ 15K] cve.jpg
├── [1.0K] LICENSE
├── [1.1K] README.md
└── [ 36K] vanilla.png
0 directories, 4 files
Notes
1. It is recommended to access the PoC through its original source first.
2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
3. 神龙 has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.