关联漏洞
标题:
OroPlatform 安全漏洞
(CVE-2024-50677)
描述:OroPlatform是Oro开源的一个 PHP 业务应用程序平台 (BAP),旨在使自定义业务应用程序的开发更容易、更快。 OroPlatform v5.1版本存在安全漏洞,该漏洞源于容易受到跨站脚本攻击,攻击者可以通过构造的有效载荷注入到Search参数中执行任意网页脚本或HTML。
描述
This repository presents a proof-of-concept of CVE-2024-50677
介绍
# CVE-2024-50677 | Two-Click Reflected XSS in OroPlatform CMS v5.1
This repository presents a proof-of-concept of CVE-2024-50677
## Disclaimer:
This code is a proof of concept of the vulnerability. I will not be held responsible for any use of this exploit.
## Description:
CVE-2024-50677 refers to a two-click reflected XSS that is present in default configurations of OroPlatform CMS v5.1, specifically the Demo platform here: https://github.com/oroinc/docker-demo
The vulnerability lies within how the application controls user input to the search function, if a user clicks on the search bar in the webpage's UI that has javascript as a query such as
```
<script>alert(1)</script>
```
The application will then load and execute this javascript freely.
This CVE was discovered by @ZumiYumi
## POC:
1. Attacker crafts a payload:
```
http://vulnerable-website/product/search?search=%3Cscript%3Ealert(1)%3C%2Fscript
```
2. Attacker phishes a user to click it.
3. Victim clicks on the search bar, or chained with another vulnerability to click the search bar.
4. Javascript executes.
## Versions Concerned:
* OroPlatform CMS v5.1
## References:
https://www.cve.org/CVERecord?id=CVE-2024-50677
文件快照
[4.0K] /data/pocs/e732aca0da70bb585e303c80367f00bde16a77ca
└── [1.2K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。