skycaiji-v2.5.4 has a backend xss vulnerability
Firstly, you can download the source code from the following website
https://down.chinaz.com/api/index/download?id=38972&type=code
Directly place it in the root directory of the website, access the server IP, and follow the prompts to install
After installation, log in to the backend.
Click to the above function point
This is a JSON parsing function, but there is no complete xss protection in place.
We can construct a file that returns the JSON format ourselves, then access it, and return it to the JSON format with xss to trigger the xss code in the background.
1 |
|
This string of code will return a JSON data with malicious payload.
We will deploy it on our own VPS and induce the backend administrator to parse its data, and we will find that the successful triggering of the xss code
Attackers can use this vulnerability to do anything that JavaScript code can do