[CVE-2022–36136]ChurchCRM Version 4.4.5 — Stored XSS Vulnerability at Deposit Commend

GrimTheRipper
Jul 11, 2022

--

Vulnerability Explanation:

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input Deposit Comment.

Affected Component:

http://ip_address:port/churchcrm/FindDepositSlip.php

Payload :

<img src="test" onerror=confirm("Grim-The-Ripper-Team-by-SOSECURE-Thailand")>

Tested on:

  1. ChurchCRM Version 4.4.5 https://github.com/ChurchCRM/CRM/releases/tag/4.4.5
  2. Google Chrome Version 103.0.5060.114 (Official Build) (64-bit)

Steps to attack:

  1. Login with admin credential.

2. Go to the “Deposit” as show in the picture and Click on the “View All Deposits” then click on the “Deposit Comment” enter the XSS payload and press the “Add New Deposit” button.

3. After press the “Add New Deposit” button The XSS payload will run immediately.

Discoverer:

Grim The Ripper Team by SOSECURE Thailand

Reference:

https://churchcrm.io
https://github.com/ChurchCRM/CRM/releases/tag/4.4.5

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

--

--

GrimTheRipper
GrimTheRipper

Written by GrimTheRipper

You get the best out of others when you give the best of yourself

No responses yet

What are your thoughts?