SofaWiki 3.9.2 Cross Site Scripting

# Exploit Title: SofaWiki 3.9.2 – Reflected XSS (Authenticated) via Regex
Replace Preview
# Date: 10/17/2024
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://www.sofawiki.com
# Software Link: https://www.sofawiki.com/site/files/snapshot.zip
# Version: 3.9.2
# Tested on: Windows XP

*Summary:*

A *reflected XSS* vulnerability exists in the *Regex Replace Preview*
feature of SofaWiki. When a malicious payload is injected into the *Replace*
field, the payload is executed immediately in the user’s browser during the
preview.
Proof of Concept (PoC):

1. Login to SofaWiki.
2. Go to Special => Regex :
http://localhost/sofawiki/index.php?action=view&name=special:regex&lang=en

3. In the Regex field, enter any text (e.g., test).
4. In the Replace field, inject the following payload:

<script>alert(‘XSS’);</script>

5. Click Replace Preview to trigger the XSS.

نوشته های مشابه