CMS MADE SIMPLE FORGE

CMS Made Simple Core

 

[#12148] Reflected XSS in Site Admin> Module Manager> Search Term

avatar
Created By: Chetan Madkam (Cyb3rnaut)
Date Submitted: Thu Sep 19 05:46:48 -0400 2019

Assigned To: Robert Campbell (calguy1000)
Version: 2.2.11
CMSMS Version: 2.2.11
Severity: Major
Resolution: None
State: Open
Summary:
Reflected XSS in Site Admin> Module Manager> Search Term
Detailed Description:
1)login with admin 
2) go to site Admin> Module manager> Search Term:
3) enter the xss payload  "><img src=x onerror=alert(document.cookie)>   for
payload execution.


History

Updates

Updated: 2019-10-03 07:16
resolution_id: => 5
assigned_to_id: 100 => 106