Summary
By manipulating the news parameter in a POST request, an attacker can inject malicious JavaScript code. Upon browsing to the compromised news page, the XSS payload triggers.
PoC
- Edit a FAQ news, intercept the request and modify the
news parameter in the POST body with the following payload: %3cscript%3ealert('xssContent')%3c%2fscript%3e
- Browse to the particular news page and the XSS should pop up.
Impact
This allows an attacker to execute arbitrary client side JavaScript within the context of another user's phpMyFAQ session
kevinnivekkevin Reporter
Summary
By manipulating the news parameter in a POST request, an attacker can inject malicious JavaScript code. Upon browsing to the compromised news page, the XSS payload triggers.
PoC
newsparameter in the POST body with the following payload:%3cscript%3ealert('xssContent')%3c%2fscript%3eImpact
This allows an attacker to execute arbitrary client side JavaScript within the context of another user's phpMyFAQ session