CVE-2022-28368 PoC — Dompdf 跨站脚本漏洞

Source

https://github.com/rvizx/CVE-2022-28368

Associated Vulnerability

Title:Dompdf 跨站脚本漏洞 (CVE-2022-28368)
Description:Dompdf是一个 HTML 到 PDF 的转换器。 Dompdf 1.2.1 版本存在跨站脚本漏洞，该漏洞允许通过@font-face级联样式表(CSS)语句的src:url字段中的.php文件远程执行代码。

Description

Dompdf RCE PoC Exploit - CVE-2022-28368

Readme

# CVE-2022-28368 - Dompdf RCE
Dompdf RCE PoC Exploit

![alt text](https://rvizx.github.io/cve-2022-28368/img.png?raw=true)

<p align="center"> <a href="https://www.exploit-db.com/exploits/51270"> <img src="https://rvizx.github.io/assets/exploitdb.png" alt="ExploitDB"> </a> </p>

Dompdf versions <1.2.1 are vulnerable to Remote Code Execution (RCE) by injecting CSS into the data. The file can be tricked into storing a malicious font with a .php file extension in its font cache, which can later be executed by accessing it from the web.

# Usage
```
git clone https://github.com/rvizx/CVE-2022-28368
cd  CVE-2022-28368
python3 -m pip install -r requirements.txt
python3 dompdf-rce.py --help
```

# Credits & Notes
Positive Security - https://positive.security/blog/dompdf-rce

File Snapshot


 [4.0K]  /data/pocs/3128187f74256087699948c4ce56910c0bf58e1f
├── [ 11K]  dompdf-rce.py
├── [ 778]  README.md
└── [  18]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!