CVE-2021-39473 PoC — Saibamen HotelManager Cross-Site Scripting Vulnerability

Associated Vulnerability
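Title: Saibamen HotelManager Cross-Site Scripting Vulnerability (CVE-2021-39473)
Description: Saibamen HotelManager is a web application for managing hotels, written in Laravel by the individual developer Saibamen. Saibamen HotelManager v1.2 contains a security vulnerability that stems from improper sanitization of its comment and contact fields, which allows an attacker to achieve cross-site scripting.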
Readme
# CVE-2021-39473

## Affected Product Code Base
HotelManager - v1.2

## Affected Component
Kernel.php; Middleware

## Attack Type
Remote

## Attack Vectors
To exploit this vulnerability, the user needs to create "rooms", "guests", "reservations" or "users"; an XSS payload placed in the "comment" or "contact" field then executes without any bypass.

This is a stored XSS since I was able to store payloads on endpoints (rooms, guests, ...) and trigger them using different accounts.
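
The defensive counterpart to the behaviour described above, as an added example that is not taken from this README or from the HotelManager code base: stored "comment" and "contact" values are HTML-encoded at output, and rows that already hold markup are listed for cleanup. The helper names `e_html` and `find_markup` are hypothetical and the sample rows are constructed.

```php
<?php
declare(strict_types=1);

// Constructed sample rows; entity and field names mirror the advisory,
// the values are made up for this example.
$records = [
    ['type' => 'rooms',  'id' => 1, 'comment' => 'Sea view, 2 beds'],
    ['type' => 'guests', 'id' => 7, 'contact' => '<script>alert(1)</script>'],
    ['type' => 'users',  'id' => 3, 'comment' => 'Tom & Jerry <3'],
];

const FREE_TEXT_FIELDS = ['comment', 'contact'];

/** Encode a stored value for an HTML text or quoted-attribute context. */
function e_html(?string $value): string
{
    return htmlspecialchars($value ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Hypothetical audit helper: list stored fields that contain tag-like markup. */
function find_markup(array $records): array
{
    $hits = [];
    foreach ($records as $row) {
        foreach (FREE_TEXT_FIELDS as $field) {
            $value = $row[$field] ?? null;
            // Heuristic for triage only: '<' followed by a letter, '/' or '!'.
            if (is_string($value) && preg_match('/<[a-z\/!]/i', $value) === 1) {
                $hits[] = "{$row['type']}#{$row['id']}.{$field}";
            }
        }
    }
    return $hits;
}

foreach ($records as $row) {
    foreach (FREE_TEXT_FIELDS as $field) {
        if (isset($row[$field])) {
            // Encoded at output, so the browser displays the text instead of parsing it.
            echo '<td>' . e_html($row[$field]) . "</td>\n";
        }
    }
}

// Rows written before the fix stay in the database until they are reviewed.
print_r(find_markup($records));
```

Encoding at output is the control; the audit only helps locate values stored before it was in place, since a stored payload persists across accounts until the row is cleaned.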

## Link to the issue
https://github.com/Saibamen/HotelManager/issues/49
File Snapshot

[4.0K] /data/pocs/d2e633da71a49af332b20f3727542b14a16fa141
└── [ 615] README.md

0 directories, 1 file