07FLYCMS, 07FLY-CMS, and 07FlyCRM Cross-Site Scripting Vulnerability in System Extension Module

A cross-site scripting (XSS) vulnerability has been identified in 07FLYCMS, 07FLY-CMS, and 07FlyCRM versions up to 1.2.9. The issue arises in the System Extension Module, specifically within an unknown function of the file '/admin/SysModule/edit.html'. The vulnerability allows authenticated users to inject malicious scripts by manipulating the 'Title' parameter, which is not properly sanitized before being output to other users. This flaw can be exploited remotely and has been publicly disclosed, with an available proof-of-concept exploit.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Reproduction

To reproduce this vulnerability, an authenticated user can navigate to the 'edit.html' page of the System Extension Module. Once there, the user can manipulate the 'Title' parameter by injecting a script payload, such as an image tag with an 'onerror' event. After submitting the injection, the payload will be executed, demonstrating the cross-site scripting vulnerability.