CVE-2017-9609 PoC — Blackcat CMS 跨站脚本漏洞

Source

https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc

Associated Vulnerability

Title:Blackcat CMS 跨站脚本漏洞 (CVE-2017-9609)
Description:BlackCat CMS是Black Cat团队开发的一套基于PHP5和HTML5的内容管理系统（CMS）。 Blackcat CMS 1.2版本中存在跨站脚本漏洞。远程攻击者可通过向backend/pages/lang_settings.php文件发送‘map_language’参数利用该漏洞注入任意的Web脚本或HTML。

Description

BlackCat-CMS-Bundle-v1.2 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-9609

Readme

# Blackcat-cms-v1.2-xss-POC-by-Provensec-llc
BlackCat-CMS-Bundle-v1.2 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-9609

File Snapshot


 [4.0K]  /data/pocs/4edd6af652a08f94e4f84f0611267d2dece54e7b
├── [239K]  Blackcat cms v1.2 xss POC by Provensec llc.pdf
└── [ 131]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!