https://pwnwiki.com/index.php?action=history&feed=atom&title=Xwiki_CMS_12.10.2_XSS%E6%BC%8F%E6%B4%9EXwiki CMS 12.10.2 XSS漏洞 - Revision history2026-04-20T23:35:45ZRevision history for this page on the wikiMediaWiki 1.35.1https://pwnwiki.com/index.php?title=Xwiki_CMS_12.10.2_XSS%E6%BC%8F%E6%B4%9E&diff=1298&oldid=prevPwnwiki: Created page with "==XSS== <pre> # Exploit Title: Xwiki CMS 12.10.2 - Cross Site Scripting (XSS) # Date: 17-01-2021 # Exploit Author: Karan Keswani # Vendor Homepage: https://www.xwiki.org/xwiki..."2021-04-09T08:17:04Z<p>Created page with "==XSS== <pre> # Exploit Title: Xwiki CMS 12.10.2 - Cross Site Scripting (XSS) # Date: 17-01-2021 # Exploit Author: Karan Keswani # Vendor Homepage: https://www.xwiki.org/xwiki..."</p>
<p><b>New page</b></p><div>==XSS==<br />
<pre><br />
# Exploit Title: Xwiki CMS 12.10.2 - Cross Site Scripting (XSS)<br />
# Date: 17-01-2021<br />
# Exploit Author: Karan Keswani<br />
# Vendor Homepage: https://www.xwiki.org/xwiki/bin/view/Main/WebHome<br />
# Software Link: https://www.xwiki.org/xwiki/bin/view/Download/<br />
# Version: Xwiki CMS- 12.10.2<br />
# Tested on: Windows 10<br />
<br />
# Description: XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.<br />
<br />
# Additional Information:<br />
Well I found this vulnerability in Xwiki project based websites but they did not respond so i installed a latest version of Xwiki CMS and hosted on localhost with help of Wamp and then i exploited that vulnerability.<br />
<br />
# Attack Vector:<br />
1) Create 2 accounts:- 1)Victim & 2)Attacker<br />
2) Login with victim account, there is a option to create new dashboard and there is page says give title and type.( Type of Dashboard:-I created simple page)<br />
3) Now save view the page,<br />
4) Now login with attacker account and search and open the dashboard which has been created by victim,<br />
5) When you open the dashboard there is a comment section option, Go to that comment section & add a comment,there is a upload functionality,<br />
6) So i tried to upload a sample svg file to check that it will allow to upload .svg format<br />
7) Now i created a text file with XSS payload and then saved it as a .svg format<br />
8) Upload your .svg file and click on send it to the server and click ok (your comment will be add)<br />
9) Now open that comment with the victim account and click on that view image you'll see the xss pop-up.<br />
<br />
Xss Payload:-<br />
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><br />
<svg<br />
<br />
onload="alert('xss')"<br />
xmlns="http://www.w3.org/2000/svg"><br />
</svg><br />
</pre></div>Pwnwiki