XSS caused by sending information between users in pbboard/pbboard-3.0.4
Jan 30th 2023
The forum allows users to send information to each other. Although the script tag cannot be used, the img tag can also cause XSS. In addition, the filtering of the "cookie" string can be bypassed by means of entity encoding.
You can watch my video through this link first. link
Proof of Concept
1. Log in to the forum as any user.
2. Send dangerous messages to admin users.
3. The value of the Message is below:
<img src=1 onerror="alert(document.cookie)">
4. Admin users view the Message sent by the attacker.
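Why string filtering does not stop this and what output encoding does instead, as an added example that is not PBBoard's code or the reporter's. `denylistFilter` is a hypothetical model of the filtering described above, `decodeNumericRefs` approximates the browser's decoding of attribute values, and the encoded input is constructed from the report's payload.

```javascript
// Hypothetical denylist modelled on the report's description
// (no <script> tag, no "cookie" string); not PBBoard's actual code.
function denylistFilter(msg) {
  return msg
    .replace(/<\/?script\b[^>]*>/gi, "")
    .replace(/cookie/gi, "");
}

// Approximates what the HTML parser does to an attribute value before the
// event handler is compiled: numeric character references are decoded.
function decodeNumericRefs(s) {
  const cp = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : "\ufffd");
  return s
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => cp(parseInt(h, 16)))
    .replace(/&#([0-9]+);?/g, (_, d) => cp(parseInt(d, 10)));
}

// The fix: encode on output so a message body is rendered as text, not markup.
function escapeHtml(msg) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return msg.replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed inputs: the report's payload, and the same payload with one
// letter of "cookie" written as a character reference.
const PAYLOAD = '<img src=1 onerror="alert(document.cookie)">';
const ENCODED = PAYLOAD.replace("cookie", "&#99;ookie");

function demo() {
  const filtered = denylistFilter(ENCODED);
  const handler = filtered.match(/onerror="([^"]*)"/)[1];
  return {
    // The denylist finds neither "script" nor "cookie" in the stored text.
    filterChangedInput: filtered !== ENCODED,
    // After decoding, the handler text is the original one again.
    handlerSeenByBrowser: decodeNumericRefs(handler),
    // Encoded output contains no tag or attribute delimiter at all.
    safeOutput: escapeHtml(ENCODED),
  };
}

console.log(demo());
```

The filter inspects the stored bytes while the browser acts on the decoded attribute, so the durable control is encoding every message body when it is written into the page.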
(1) By stealing the administrator account or cookie, the intruder can log in to the background as an administrator. This enables the intruder to manipulate background data maliciously, including reading, changing, adding and deleting some information.
(2) Stealing users' personal information or login accounts poses a huge threat to the security of the website's users. For example, the attacker can pretend to be a user and perform various operations.
(3) Planting a Trojan on the website ("horse hanging"). First, the malicious attack code is embedded into the web application. When a user browses the infected page, a Trojan horse is implanted on the user's computer.
(4) Send advertisements or spam messages. Attackers can use XSS vulnerabilities to plant advertisements or send spam, seriously affecting