Piwigo 12.3.0 — Stored XSS Vulnerability at Tags

Vulnerability Explanation:

Piwigo Version 12.3.0 has XSS vulnerabilities that allow attackers to store XSS via tag input.

Affected Component:

http://[IP]/admin.php?page=tags

Payload:

<image src/onerror=console.log("test_xss_at_Tags")>

Tested on:

1. Piwigo Version 12.3.0 https://piwigo.org/get-piwigoa
2. Brave Version 1.44.101 Chromium: 106.0.5249.65 (Official Build) (64-bit)

Steps to attack:

1. First, we log in with an admin credential to the target application.

2. We click on Admin.

3. We click Photos > Tags

4. We click on Add a tag button.

5. We use payload as tag.

<image src/onerror=console.log("test_xss_at_Tags")>

6. We press enter.

7. We press F12 to open develop tools and We found in the console tab The XSS payload will be executed.

Discoverer:

Grim The Ripper Team by SOSECURE Thailand

Reference:

https://piwigo.org/