Open in app

Sign in

Write

Sign in

Home

Following

Library

Stories

Stats

Textpattern 4.8.7 is affected by HTML injection in the Body parameter.

Tanmay Bhattacharjee
Sep 3, 2021

--

#Exploit Title: Textpattern CMS v4.8.7 “Content>Write>Body” — HTMLi
# Exploit Author: Tanmay Bhattacharjee
# Vendor Homepage: https://www.textpattern.co
# Software Link: https://textpattern.com/start
# Version: 4.8.7
# Tested on: Ubuntu

Vulnerable Parameters: Body.

Attack Vector:
This vulnerability can results attacker to inject the HTML src & href attributes payload into the body parameter.

HTML Injection Quick Reference

Annotated concepts and examples for HTML injection (cross-site scripting) tests

mutantzombie.github.io

Steps-To-Reproduce:
1. Login into Textpattern CMS admin panel.
2. Now go to the Content > Write > Body.
3. Now paste the below payload in the URL field.
<script src=”data:,alert(document.cookie)”></script>
4. Now click on publish button and click on view button. Boom Boom Boom
5. The HTML payload triggered successfully and give us cookie info with user information.

No bruteforcing, happy with manual testing.

Have a nice day.

Thanks,

Tanmay

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

--

--

Tanmay Bhattacharjee
Tanmay Bhattacharjee

Written by Tanmay Bhattacharjee

96 Followers
258 Following

Continuos Learner

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech