CVE-2020-13889 PoC — Bludit 跨站脚本漏洞

Source

https://github.com/gh0st56/CVE-2020-13889

Associated Vulnerability

Title:Bludit 跨站脚本漏洞 (CVE-2020-13889)
Description:Bludit是一套开源的轻量级博客内容管理系统（CMS）。 Bludit 3.12.0版本中的管理面板的‘showAlert()’函数存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

Description

CVE-2020-13889. The admin page of bludit have an XSS in the showAlert() function that dont sanitize user input leading them to execute an malicious code.

Readme

Author: Andre k Lorenci
Contact: avlorenci@gmail.com

CVE-2020-13889

Hello, this vulnerability consists in a function called showAlert() in the administration panel of bludit,that when accessed in DOM, allows users define the text to be popped up in the message box. But this function dont have any sanatization and the user can inject any javascript code or even HTML in the page

To demonstrate this function return I used the web development toolkit to pass a XSS code as argument of that function.

![XSS in admin page](https://github.com/gh0st56/bludit-DOM-xss/blob/master/xss-bludit.jpg)

the payload used was:
showAlert("<script>alert(1)</script>");

The versions that i tested was the Bludit 3.x. 

Thank you.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13889

File Snapshot


 [4.0K]  /data/pocs/5158e494ce43449e0cca8a74870f5e03224434c1
├── [1.0K]  LICENSE
├── [ 782]  README.md
├── [4.0K]  Scanner
│   ├── [1.7K]  cve-2020-13889.py
│   ├── [ 406]  README.md
│   └── [  24]  requirements.txt
└── [ 56K]  xss-bludit.jpg

1 directory, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!