Piwigo 12.3.0 — Stored XSS Vulnerability at Gallery title
Sep 30, 2022
Vulnerability Explanation:
Piwigo Version 12.3.0 has XSS vulnerabilities that allow attackers to store XSS via Gallery title input.
Affected Component:
http://[IP]/admin.php?page=configuration
Payload:
<image src/onerror=console.log("test_xss_at_Gallery_title")>
Tested on:
- Piwigo Version 12.3.0 https://piwigo.org/get-piwigoa
- Brave Version 1.44.101 Chromium: 106.0.5249.65 (Official Build) (64-bit)
Steps to attack:
1. First, we log in with an admin credential to the target application.
2. We click on Admin.
3. We click on Configuration > Options
4. We use payload as the Gallery title.
<image src/onerror=console.log("test_xss_at_Gallery_title")>
5. We click on the Save Settings button.
6. We press F12 to open develop tools and We found in the console tab The XSS payload will be executed.
Discoverer:
Grim The Ripper Team by SOSECURE Thailand