SeedDMS Cross-Site Scripting Vulnerability

Vulnerability ID: 1633806
Vulnerability type: Cross-site scripting
Published: 2019-06-25
Updated: 2019-06-25
CVE ID: CVE-2019-12801
CNNVD-ID: CNNVD-201906-659
Affected platform: N/A
CVSS score: N/A
|Vulnerability Source
https://cxsecurity.com/issue/WLB-2019060161
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201906-659
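|Vulnerability Details
SeedDMS (formerly LetoDMS and MyDMS) is an open-source document management system based on PHP and MySQL, used mainly for storing and sharing documents. The file out/out.GroupMgr.php in SeedDMS version 5.1.11 contains a cross-site scripting vulnerability. The vulnerability stems from the web application's lack of proper validation of client-supplied data. An attacker can exploit it to execute client-side code.
|Exploit (EXP)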
# Exploit Title: [Persistent Cross-Site Scripting or Stored XSS in out/out.GroupMgr.php in SeedDMS before 5.1.11]
# Google Dork: [NA]
# Date: [17-June-2019]
# Exploit Author: [Nimit Jain](https://www.linkedin.com/in/nimitiitk)(https://secfolks.blogspot.com)
# Vendor Homepage: [https://www.seeddms.org]
# Software Link: [https://sourceforge.net/projects/seeddms/files/]
# Version: [< 5.1.11] (REQUIRED)
# Tested on: [NA]
# CVE : [CVE-2019-12801]

Proof-of-Concept:

Step 1: Log in to the application and go to Groups Management in Admin tools.
Step 2: Now create a new group as hello<script>alert("group")</script>
Step 3: Now save it and click on choose group to execute the JavaScript inserted above.
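
The missing output encoding behind this kind of stored XSS, as an added example (not SeedDMS source code and not part of the original advisory): a hypothetical group chooser rendered first without and then with `htmlspecialchars()`. The function names, the `groupid` field name and the sample group list are assumptions made for illustration.

```php
<?php
// Added illustration only: NOT SeedDMS source code. Function names and
// the sample data are hypothetical.

// Constructed sample: group names as they would come back from storage,
// including the value used in the proof-of-concept above.
$groups = [
    1 => 'Editors',
    2 => 'hello<script>alert("group")</script>',
];

// Unsafe pattern: the stored name is concatenated into HTML as-is, so any
// markup it contains becomes part of the page.
function renderGroupOptionsUnsafe(array $groups): string
{
    $html = '<select name="groupid">';
    foreach ($groups as $id => $name) {
        $html .= '<option value="' . $id . '">' . $name . '</option>';
    }
    return $html . '</select>';
}

// Hardened pattern: encode on output for the HTML context. ENT_QUOTES also
// covers attribute values; the id is forced to an integer.
function renderGroupOptionsSafe(array $groups): string
{
    $html = '<select name="groupid">';
    foreach ($groups as $id => $name) {
        $html .= sprintf(
            '<option value="%d">%s</option>',
            (int) $id,
            htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        );
    }
    return $html . '</select>';
}

// Optional input-side check (assumption: group names need only letters,
// digits, space, dot, underscore and hyphen). Output encoding remains the
// actual fix; this only rejects unexpected names early.
function isAcceptableGroupName(string $name): bool
{
    return preg_match('/^[\p{L}\p{N} ._-]{1,64}$/u', $name) === 1;
}

// Render both variants to compare the raw and the encoded markup.
echo renderGroupOptionsUnsafe($groups), PHP_EOL;
echo renderGroupOptionsSafe($groups), PHP_EOL;
var_dump(isAcceptableGroupName($groups[2]));
```

Encoding at output time also neutralizes names that were stored before any input check existed, which is why it is the primary control here.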
|References

Source: sourceforge.net
Link: https://sourceforge.net/p/seeddms/code/ci/master/tree/CHANGELOG

Source: nvd.nist.gov
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-12801