SofaWiki 3.9.2 Cross Site Scripting
# Exploit Title: SofaWiki 3.9.2 – Reflected XSS (Authenticated) via Regex
Replace Preview
# Date: 10/17/2024
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://www.sofawiki.com
# Software Link: https://www.sofawiki.com/site/files/snapshot.zip
# Version: 3.9.2
# Tested on: Windows XP
*Summary:*
A *reflected XSS* vulnerability exists in the *Regex Replace Preview*
feature of SofaWiki. When a malicious payload is injected into the *Replace*
field, the payload is executed immediately in the user’s browser during the
preview.
Proof of Concept (PoC):
1. Login to SofaWiki.
2. Go to Special => Regex :
http://localhost/sofawiki/index.php?action=view&name=special:regex&lang=en
3. In the Regex field, enter any text (e.g., test).
4. In the Replace field, inject the following payload:
<script>alert(‘XSS’);</script>
5. Click Replace Preview to trigger the XSS.