DiliCMS

Stored-XSS Vulnerability Found in System setting -> site setting -> POST data: site_name

Open fakerrr opened this issue 7 years ago • 0 comments

1. Log in to the backstage: http://127.0.0.1/admin/index.php

2. Go to System setting -> site setting.

3. Add the following payload to the first textbox, and submit. Payload: site_name=DiliCMS'"/> And then the stored XSS is triggered.

fakerrr, Jan 10 '19 02:01
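The mitigation for this class of bug, as an added example that is not part of the original issue and is not DiliCMS code: the stored `site_name` is HTML-encoded for the attribute context when it is written back into a page. The form markup and all function names are hypothetical, and the example assumes the value is echoed into a double-quoted attribute, as the leading `'"/>` in the report suggests.

```php
<?php
// Added example, not DiliCMS code. Markup and function names are hypothetical.

// The value from the report, limited to the part visible in the issue.
$siteName = "DiliCMS'\"/>";

// Vulnerable pattern: the stored value is concatenated into an attribute as-is,
// so a quote character ends the attribute and "/>" ends the tag.
function render_unsafe(string $v): string {
    return '<input type="text" name="site_name" value="' . $v . '">';
}

// Hardened pattern: encode for the HTML attribute context on output.
// ENT_QUOTES is passed explicitly because before PHP 8.1 the default
// (ENT_COMPAT) left single quotes unescaped.
function render_safe(string $v): string {
    $enc = htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="site_name" value="' . $enc . '">';
}

// Regression check: parse the markup and confirm it is still exactly one
// <input> whose value attribute decodes back to the stored string, meaning
// nothing escaped the attribute.
function stays_in_attribute(string $html, string $expected): bool {
    $doc = new DOMDocument();
    @$doc->loadHTML('<!DOCTYPE html><html><body>' . $html . '</body></html>');
    $inputs = $doc->getElementsByTagName('input');
    return $inputs->length === 1
        && $inputs->item(0)->getAttribute('value') === $expected;
}

var_dump(stays_in_attribute(render_unsafe($siteName), $siteName));
var_dump(stays_in_attribute(render_safe($siteName), $siteName));
```

Encoding belongs at every place the setting is rendered (admin form and public templates alike), since a stored value reaches all of them.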