Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-33977 PoC — Kiwi TCMS 跨站脚本漏洞

Source
https://github.com/mnqazi/CVE-2023-33977
Associated Vulnerability
Title:Kiwi TCMS 跨站脚本漏洞 (CVE-2023-33977)
Description:Kiwi TCMS是Kiwi TCMS开源的一个用于手动和自动测试的领先开源测试管理系统。 Kiwi TCMS 12.4之前版本存在跨站脚本漏洞,该漏洞源于允许用户将附件上传到测试计划、测试用例等,为了防止上传具有潜在危险的文件,引入了 Content-Security-Policy ,但并非100%可靠。
Description
Read more at Medium
Readme
# CVE-2023-33977

# Stored XSS Via SVG Upload in kiwitcms/kiwi - by M Nadeem Qazi

## Description

This repository addresses the stored XSS vulnerability discovered in the kiwitcms/kiwi application, which was assigned the CVE-2023-33977 identifier. The vulnerability allows for the execution of malicious scripts via SVG file uploads. When an SVG file containing the payload is uploaded, the script gets executed in the context of the victim's browser, potentially leading to data theft, account compromise, and the distribution of malware.

## Proof of Concept

A detailed proof of concept for this vulnerability can be found in the following video:

[![Proof of Concept](https://img.youtube.com/vi/73qXeC8vUFg/0.jpg)](https://www.youtube.com/watch?v=73qXeC8vUFg)

## Impact

The impact of this vulnerability is significant and poses a serious risk to the security and integrity of the kiwitcms/kiwi application. Attackers can leverage this vulnerability to inject malicious scripts into the website, potentially allowing them to steal sensitive information, hijack user sessions, deface the website, manipulate content, and launch phishing attacks. These actions can result in reputational damage, compromised user accounts, and the dissemination of malware throughout the system.

## References

For more details on this vulnerability, please refer to the following resources:

- [huntr.dev Report](https://huntr.dev/bounties/19470f0b-7094-4339-8d4a-4b5570b54716/)
- [Medium Blog - Stored XSS Via SVG Upload in kiwitcms/kiwi](https://medium.com/@mnqazi/stored-xss-vulnerability-in-kiwitcms-kiwi-cve-2023-33977-1234567890)

You can also follow me for updates on my research and other security-related topics:

- Instagram: [@mnqazi](https://www.instagram.com/mnqazi)
- Twitter: [@mnqazi](https://twitter.com/mnqazi)
- Facebook: [@mnqazi](https://www.facebook.com/mnqazi)
- LinkedIn: [M Nadeem Qazi](https://www.linkedin.com/in/m-nadeem-qazi)

Let's prioritize security and protect our systems from potential threats. Stay vigilant! 💻🔒
File Snapshot

 [4.0K]  /data/pocs/411322f683d55f089838e81c6f7b15baa5a69c41
└── [2.0K]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.