Description: Multiple Cross-site scripting (XSS) reflected vulnerabilities in the evolution v.3.2.3 installation process Admin options allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters.
Attack Vectors: A vulnerability in the sanitization of the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters of the Database installation Admin options process allows JavaScript code to be injected.
During the installation process we enter the XSS payload in the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters and when we click on next, we will obtain the XSS pop-up.
'"><svg/onload=alert('admin_name')>
In the following image you can see the embedded code that executes the payload in the installation process.
And the result will be reflected with the pop-up of the following evidence: