Advertisement






InstantCMS 2.16.1 Cross Site Scripting

CVE Category Price Severity
CWE-79 N/A High
Author Risk Exploitation Type Date
Unknown High Remote 2024-02-20
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024020066

Below is a copy:

InstantCMS 2.16.1 Cross Site Scripting
# Exploit Title: InstantCMS - Store XSS
# Application: InstantCMS 
# Version: v2.16.1   
# Bugs: Stored XSS
# Technology: PHP
# Vendor Homepage: https://instantcms.ru/
# Software Link: https://instantcms.ru/get
# Date: 14.09.2023
# Author: SoSPiro
# Tested on: Windows

## Description

I noticed that you filtered the filter very carefully. But there are still some parts you missed


## POC

1 . Login with admin
2 . Go to "http://localhost/o2/admin/menu/item_edit/18"
3 . Insert payload in CSS class
4 . Click save , and go to home page, and Detect store xss in footer
https://drive.google.com/file/d/1_9QGoBnbZZrsHUgNkujja1Ptj3f8fl2W/view?usp=sharing


## Impact

This security vulnerability has the potential to steal multiple users' cookies, gain unauthorized access to that user's account through stolen cookies, or redirect the user to other malicious websites...

## Bug fix commit

https://github.com/instantsoft/icms2/commit/b2172a0f842fc28966b00bab3e2e9094c6bfd156


## Reference

https://huntr.com/bounties/18546c85-de6a-4252-a02f-c9d26f4f775e/

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum