Stored XSS vulnerability
Gnuboard6 Stored XSS
Vulnerability: Stored XSS (CWE-79)
Severity: High
Summary:
This stored XSS vulnerability was discovered in the latest version of GnuBoard6. When a registered user bookmarks and replies to any post on the message board, the user input is not properly sanitized, and the reply content is not encoded when it is displayed. This allows an attacker to inject arbitrary JavaScript that targets every user who can access the post. An attacker can exploit this vulnerability to steal user cookies, launch phishing attacks, and carry out other malicious activities.
Details:
Taint source:
/bbs/scrap_popin_update/qa/{post_id}
Taint sink:
/board/qa/{post_id}
POC:
1. Register an account and log in
2. Access http://127.0.0.1:8000/board/qa
3. Create a post at http://127.0.0.1:8000/board/write/qa with any title and content
4. Access the latest post at http://127.0.0.1:8000/board/qa/1 and click the "Save" button
5. Inject the following XSS payload and save it:
</textarea><img src=1 onerror=alert(/XSS/)>
6. The XSS payload is executed when the page is accessed again.
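The missing output encoding described in the summary, shown next to the encoded form, as an added example that is not part of the original report and is not Gnuboard6 code. The template string and function names are hypothetical, and it assumes the saved reply is re-displayed inside a textarea, as the `</textarea>` prefix of the payload suggests.

```python
# Added example: the template and all names are hypothetical, not Gnuboard6 code.
from html import escape
from html.parser import HTMLParser

# Payload from step 5 of the PoC above.
PAYLOAD = "</textarea><img src=1 onerror=alert(/XSS/)>"

# Constructed stand-in for a form that re-displays the saved reply.
TEMPLATE = '<form><textarea name="content">{content}</textarea></form>'


def render_unescaped(content: str) -> str:
    """Vulnerable pattern: stored text is placed into the markup verbatim."""
    return TEMPLATE.format(content=content)


def render_escaped(content: str) -> str:
    """Hardened pattern: HTML-encode stored text at output time."""
    return TEMPLATE.format(content=escape(content, quote=True))


class _Audit(HTMLParser):
    """Records the elements, on* attributes and text an HTML parser sees."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.handlers, self.text = [], [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers += [(tag, n) for n, _ in attrs if n.startswith("on")]

    def handle_data(self, data):
        self.text.append(data)


def audit(markup: str) -> dict:
    """Parse rendered markup and report what would reach the DOM."""
    parser = _Audit()
    parser.feed(markup)
    parser.close()
    return {"tags": parser.tags, "handlers": parser.handlers,
            "text": "".join(parser.text)}


if __name__ == "__main__":
    for render in (render_unescaped, render_escaped):
        print(render.__name__, audit(render(PAYLOAD)))
```

With encoding applied at output time, the stored text stays inside the textarea as literal characters, so the reply is displayed exactly as typed and no new element is created.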