44 lines
No EOL
1.4 KiB
Text
44 lines
No EOL
1.4 KiB
Text
#######################################
|
|
# Exploit Title: Joomla! Component JS Jobs 1.2.0 - Cross Site Scripting
|
|
# Google Dork: N/A
|
|
# Date: 03-04-2018
|
|
#######################################
|
|
# Exploit Author: Sureshbabu Narvaneni#
|
|
#######################################
|
|
# Author Blog : http://nullnews.in
|
|
# Vendor Homepage: https://www.joomsky.com/products/js-jobs.html
|
|
# Software Link: https://www.joomsky.com/5/download/1.html
|
|
# Affected Version: 1.2.0
|
|
# Category: WebApps
|
|
# Tested on: Win7 Enterprise x86/Kali Linux 4.12 i686
|
|
# CVE : CVE-2018-9183
|
|
#
|
|
# 1. Vendor Description:
|
|
#
|
|
# JS Jobs offer to employer to register his company and post jobs. Job
|
|
seeker register him self and add his resume.
|
|
# He can search job and apply on it. Employer will get resume in applied
|
|
resume section.
|
|
#
|
|
# 2. Technical Description:
|
|
#
|
|
# JS Jobs 1.2.0 is missing validation on URL inserted by attacker/employer
|
|
while creating company entry.
|
|
#
|
|
# 3. Proof Of Concept:
|
|
#
|
|
# Create a company entry by logging in as Employer and paste below payload
|
|
in place of URL field.
|
|
#
|
|
# Payload : javascript:alert(1) or
|
|
data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K
|
|
#
|
|
# 4. Solution:
|
|
#
|
|
# Upgrade to latest release.
|
|
# http://www.joomsky.com/5/download/1.html
|
|
#
|
|
# 5. Reference:
|
|
# https://vel.joomla.org/resolved/2146-js-jobs-1-2-0-xss-cross-site-scripting
|
|
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9183
|
|
##################################### |