CMS MADE SIMPLE FORGE

CMS Made Simple Core

 
Back Back to List

[#12148] Reflected XSS in Site Admin> Module Manager> Search Term

avatar
Created By: Chetan Madkam (Cyb3rnaut)
Date Submitted: Thu Sep 19 05:46:48 -0400 2019

Assigned To:
Version: 2.2.11
CMSMS Version: 2.2.11
Severity: Major
Resolution: Fixed
State: Closed
Summary:
Reflected XSS in Site Admin> Module Manager> Search Term
Detailed Description:
1)login with admin 
2) go to site Admin> Module manager> Search Term:
3) enter the xss payload  "><img src=x onerror=alert(document.cookie)>   for
payload execution.


History

Comments
avatar 
Date: 2020-11-03 14:51
Posted By: Rolf (rolf1)

Already fixed in previous releases
Updates

Updated: 2020-11-03 14:51
resolution_id: 5 => 7
assigned_to_id: 106 => 100
state: Open => Closed

Updated: 2019-10-03 07:16
resolution_id: => 5
assigned_to_id: 100 => 106