doorGets v7.0 has a Stored Cross Site Scripting in ARTICLE CONTENT. 

A xss vulnerability was discovered in doorGets v7.0.
There is a stored XSS vulnerability in ARTICLE if I use the payload </textarea><script>alert(111)</script>.

First, you need to add article.
<img width="1561" alt="image" src="https://user-images.githubusercontent.com/27290132/74720264-791d4e80-5270-11ea-8ec5-759fd5d2faf3.png">
http://192.168.187.130/doorgets/dg-user/cn/?controller=moduleblog&uri=blog&action=add

Then add payload(</textarea><script>alert(111)</script>) to article content.
<img width="1452" alt="image" src="https://user-images.githubusercontent.com/27290132/74720282-80445c80-5270-11ea-8d40-f321922c1ea0.png">

Save the article and click the generated link.
<img width="974" alt="image" src="https://user-images.githubusercontent.com/27290132/74720295-85091080-5270-11ea-8d11-54cb9e04895e.png">

Change the content of an article.
<img width="1461" alt="image" src="https://user-images.githubusercontent.com/27290132/74720304-89352e00-5270-11ea-9a57-6c4d6c5c7cee.png">

When you click the article content, it will trigger the payload.
<img width="1123" alt="image" src="https://user-images.githubusercontent.com/27290132/74720311-8d614b80-5270-11ea-8261-68e4c7a2070a.png">

View page source, you will find the XSS payload.
<img width="1353" alt="image" src="https://user-images.githubusercontent.com/27290132/74720338-98b47700-5270-11ea-9bc0-53d0a300b7f5.png">


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

doorGets v7.0 has a Stored Cross Site Scripting in ARTICLE CONTENT. #16

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

doorGets v7.0 has a Stored Cross Site Scripting in ARTICLE CONTENT. #16

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions