[CVE-2023-30177] Stored - Cross Site Script (XSS)

CraftCMS

Exploit Author: Dat Nguyen aka datnlq of VietSunshine Cyber Security Services

Vendor of Product: CraftCMS

Affected Product Code Base: 3.7.59

CVE: CVE-2023-30177

Description: CraftCMS 3.7.59 is vulnerable Cross Site Scripting (XSS). An attacker can inject javascript code into Volume Name.

Steps to reproduce:

  1. Create new Field (Settings -> Fields -> New Field) with type of Field Type is Assets

  2. Create new Volume (Settings -> Assets -> Volumes -> New Volume), inject malicious javascript code into Name Field and setting Field created at step 1 to Content.

  3. Create new Global set (Settings -> Globals -> New Global set). At Field Layout, create New Tab and add field that created at Step 1

  4. Go to Globals -> Click Global set created at Step 3 -> Choose 'Upload files' and upload arbitrary file to server

  5. Double click on the uploaded file at step 4, XSS will be executed

Last updated