
5 changes to exploits/shellcodes

PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)
Prestashop blockwishlist module 2.1.0 - SQLi
Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)
ThingsBoard 3.3.1 'name' - Stored Cross-Site Scripting (XSS)
ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting (XSS)
# Exploit Title: ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting (XSS)
# Date: 03/08/2022
# Exploit Author: Steffen Langenfeld & Sebastian Biehler
# Vendor Homepage: https://thingsboard.io/
# Software Link: https://github.com/thingsboard/thingsboard/releases/tag/v3.3.1
# Version: 3.3.1
# Tested on: [relevant os]
# CVE : CVE-2021-42751
# Tested on: Linux

#Proof-Of-Concept:
When creating a rule node (any) and putting a script payload inside the description of the rule node, it is executed upon hovering above the node within the editor.

#Steps

1. Create a new rule node (via the menu "Rule chains")
2. Put a javascript payload within the description e.g <script>alert('XSS')</script>
3. Save the node
4. Upon hovering above the node within the editor the payload is executed
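
Review bot: The header carries two "Tested on" lines, and the first still holds the submission template placeholder "[relevant os]"; drop that line and keep "# Tested on: Linux". The "# Date: 03/08/2022" field is ambiguous between day/month and month/day order, so an unambiguous form such as YYYY-MM-DD would make it easier to line the entry up with the CVE record. The steps would also be easier to triage if they stated which user role is needed to create and save a rule node, since that determines who can plant the stored description.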