CVE-2024-28715 PoC — DoraCMS 安全漏洞

Source

https://github.com/Lq0ne/CVE-2024-28715

Associated Vulnerability

Title:DoraCMS 安全漏洞 (CVE-2024-28715)
Description:DoraCMS是一个应用软件。基于Nodejs + eggjs + mongodb编写的一套内容管理系统。 DoraCMS v.2.1.8及之前版本存在安全漏洞，该漏洞源于存在跨站脚本漏洞，允许远程攻击者通过/app/public/apidoc/oas3/wrap-components/markdown.jsx端点中的markdown0函数执行任意代码。

Readme

# CVE-2024-28715
**[CVE ID]**

CVE-2024-28715

**[PRODUCT]**

DoraCMS

**[Version]**

DoraCMS v2.18 and before

**[PROBLEM TYPE]**

Dom-based XSS.

**[DESCRIPTION]**

Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint.

**[Usage]**

https://[target-site]/static/apidoc/index.html?url=https://[your-site]/POC.yaml

File Snapshot


 [4.0K]  /data/pocs/57e01dc0a1b70e8ef371e352086a7c77be5d15ff
├── [251K]  POC.yaml
└── [ 473]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!