Textpattern 4.8.7 is affected by HTML injection in the Body parameter.

#Exploit Title: Textpattern CMS v4.8.7 “Content>Write>Body” — HTMLi
# Exploit Author: Tanmay Bhattacharjee
# Vendor Homepage: https://www.textpattern.co
# Software Link: https://textpattern.com/start
# Version: 4.8.7
# Tested on: Ubuntu

Vulnerable Parameters: Body.

Attack Vector:
This vulnerability can results attacker to inject the HTML src & href attributes payload into the body parameter.

Steps-To-Reproduce:
1. Login into Textpattern CMS admin panel.
2. Now go to the Content > Write > Body.
3. Now paste the below payload in the URL field.
<script src=”data:,alert(document.cookie)”></script>
4. Now click on publish button and click on view button. Boom Boom Boom
5. The HTML payload triggered successfully and give us cookie info with user information.

No bruteforcing, happy with manual testing.

Have a nice day.

Thanks,

Tanmay

Penetration Tester@⠎⠓⠁⠗⠍⠊⠞⠁⠝⠍⠁⠽

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Cooking chocolate cake Hack Free Resources Generator

LuxFi Forms Strategic Partnership with AdEx

LuxFi Forms Strategic Partnership with AdEx

Understanding kerberos: The single sign on authentication system

CoinRadr Got Listed On Bibox

{UPDATE} Dungeon Crawlers Hack Free Resources Generator

What’s Anti-Phishing and how to get your own code?

GB WhatsApp may be Dangerous for your Privacy and Security — Gyan Goggles

7 Cyber Career Realms

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tanmay Bhattacharjee

Tanmay Bhattacharjee

Penetration Tester@⠎⠓⠁⠗⠍⠊⠞⠁⠝⠍⠁⠽

More from Medium

4 Tips For How To Create A Cohesive Instagram Feed Aesthetic

The Week Ahead 12/12/2021

Your Earwax Can Tell How Healthy You Are. What Color Is Yours?

How to spend a perfect day in Abu Dhabi