JobCareer | Job Board Responsive WordPress Theme v2.5 Stored XSS Injection - CXSecurity.com

Vulnerability ID 1579045 Vulnerability type
Published 2019-04-22 Updated 2019-04-22
CVE ID N/A CNNVD-ID N/A
Platform N/A CVSS score N/A
|Vulnerability source
https://cxsecurity.com/issue/WLB-2019040200
|Vulnerability details
Vulnerability details have not yet been disclosed
|Vulnerability exploit (EXP)
[+] :: Title: JobCareer | Job Board Responsive WordPress Theme v2.5 Stored XSS Injection
[+] :: Author: QUIXSS
[+] :: Date: 2019-04-22
[+] :: Software: JobCareer | Job Board Responsive WordPress Theme v2.5
  
[?] :: Technical Details & Description:
# Weak security measures, such as poor filtering of input field data, have been discovered in the «JobCareer | Job Board Responsive WordPress Theme». The current version of this premium WordPress theme is 2.5.

[?] :: Demo Website:
# https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636
# Frontend: http://jobcareer.chimpgroup.com/

[!] :: Special Note:
# 6.026 Sales

[!] :: PoC Injection:
# http://jobcareer.chimpgroup.com/candidate/asdasdasdasdasd/

[+] :: PoC [Stored XSS Injection]:
# Register a new account on the demo website: http://jobcareer.chimpgroup.com/ (there is no email validation, and you are redirected automatically after you submit the registration form). Then go to the «Resume» profile tab: http://jobcareer.chimpgroup.com/candidate-dashboard/?profile_tab=resume
# Some of the input fields are vulnerable to stored XSS injection due to poor XSS filtering. Press the «+ Add new» link and use your payload only in the text editor area and only in the «Source» view (</> icon).
# Sample payload to bypass XSS filter: <h1>QUIXSS</h1>"><script>alert('QUIXSS')</script>"><img src="x" onerror="alert('QUIXSS');">