Thursday, April 29, 2021

CMSimple 5.2 - 'External' Stored XSS

# Exploit Title: CMSimple 5.2 - 'External' Stored XSS
# Date: 2021/04/07
# Exploit Author: Quadron Research Lab
# Version: CMSimple 5.2
# Tested on: Windows 10 x64 HUN/ENG Professional
# Vendor:

The CMSimple 5.2 allow stored XSS via the Settings > CMS > Filebrowser > "External:" input field.

[Attack Vectors]
The CMSimple cms "Filebrowser" "External:" input field not filter special chars. It is possible to place JavaScript code. 
The JavaScript code placed here is executed by clicking on the Page or Files tab.

[Proof of Concept]

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated