Stored XSS In Funboot V1.1

Vulnerability Product:funboot 
Vulnerability version: v1.1
Vulnerability type: Stored XSS
Vulnerability Details:
<script>alert(document.cookie)</script>
the Stored XSS payload could let admin causes disclosure of cookies、root path of websites、variables of PHP and stuff
1. First, log in: https://www.funboot.net/backend/site/login
Default account: test
Default password: 123456
![image](https://github.com/funson86/funboot/assets/109197048/e0d74ae3-1602-4983-8387-ef560ee1d948)

2. After logging in, create a message here in the message list
![image](https://github.com/funson86/funboot/assets/109197048/2fe5dd07-683a-4d30-a445-41f34d05eec9)

3. When creating a message, users, titles, and content can be selected

It is found that the title can construct malicious code storage type XSS to obtain user information and access it through the network
![image](https://github.com/funson86/funboot/assets/109197048/82c44ef8-e923-4378-93d1-9b5dbbae8c3f)

4. Clicking on 'sent' will reveal the pop-up cookie information
![image](https://github.com/funson86/funboot/assets/109197048/aadef49e-1098-4a28-9d21-e028cb52eeac)

Prove the existence of stored xss



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Stored XSS In Funboot V1.1 #2

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Stored XSS In Funboot V1.1 #2

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions