Landing-CMS
Landing-CMS has a stored cross-site scripting (XSS) vulnerability.
First open the file management page, then click "new file" to create a file and select the html file format.
http://192.168.187.2/assets/vendor/responsive_filemanager_9.12.1/filemanager/dialog.php
Payload: <script>alert(document.cookie)</script>
When we enter the payload as the file content, we find that the front end does not allow the / character to be typed, so we can capture the request and modify the content, or paste the payload directly into the file content.

Right-click the file and select "show url", then open the file URL to trigger the XSS.



If the administrator opens the file after it has been uploaded, the XSS is triggered as well.
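The front-end restriction on / does not help because the server accepts whatever the request contains. The following is an added example, not code from Landing-CMS or Responsive FileManager: the function names and the extension allowlist are assumptions, and it shows the check done on the server plus response headers that stop a stored file from rendering in the site's origin.

```php
<?php
// Added example: hypothetical helpers, not Landing-CMS or Responsive FileManager code.
// Extensions a browser or the server treats as active content on the site's origin.
const ACTIVE_EXTS = ['html', 'htm', 'xhtml', 'shtml', 'svg', 'xml', 'js', 'php', 'phtml'];
// Assumed allowlist of file types an editor may create; adjust to the site's needs.
const ALLOWED_EXTS = ['txt', 'md', 'csv', 'log'];

// Server-side check for a "new file" request. It runs on the raw request values,
// so it still applies when the request was edited after leaving the browser.
function validate_new_file(string $name, string $content): array
{
    $name = basename(str_replace('\\', '/', $name)); // drop any path component
    if ($name === '' || $name[0] === '.' || strpos($name, "\0") !== false) {
        return [false, 'invalid file name'];
    }
    // Check every dot-separated part so "a.html.txt" and "a.txt.html" both fail.
    $parts = array_map('strtolower', array_slice(explode('.', $name), 1));
    if ($parts === [] || array_intersect($parts, ACTIVE_EXTS)) {
        return [false, 'active-content extension'];
    }
    if (!in_array(end($parts), ALLOWED_EXTS, true)) {
        return [false, 'extension not on allowlist'];
    }
    // Defence in depth only: refuse content that looks like markup.
    // The extension allowlist above is the actual control.
    if (preg_match('/<\s*[a-z!\/]/i', $content)) {
        return [false, 'content looks like HTML markup'];
    }
    return [true, $name];
}

// Headers for serving a stored file so the browser downloads it instead of rendering it.
function send_download_headers(string $name): void
{
    header('Content-Type: application/octet-stream');
    header('X-Content-Type-Options: nosniff');
    header("Content-Disposition: attachment; filename*=UTF-8''" . rawurlencode($name));
    header("Content-Security-Policy: sandbox; default-src 'none'");
}

// Constructed sample input: the payload from this report submitted as an .html file.
[$ok, $why] = validate_new_file('test.html', '<script>alert(document.cookie)</script>');
echo $ok ? "accepted\n" : "rejected: $why\n";
```

Setting the HttpOnly flag on the session cookie additionally keeps it out of reach of document.cookie if a script does run.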


