# Exploit Title: OpenCMS 17.0 - Stored Cross Site Scripting (XSS)
# Date: 24-11-2024
# Exploit Author: Siddhartha Naik
# Vendor Homepage: http://www.opencms.org/en/
# Software Link: http://www.opencms.org/en/modules/downloads/begindownload.html?id=dade528f-ec17-11ee-ab97-7fde8b0295e1
# Affected Version: 17.0
# Category: WebApps
# Tested on: Windows 11
# CVE : CVE-2024-41447
1. Vendor Description:
OpenCms from Alkacon Software is a professional, easy to use website
content management system. OpenCms helps content managers worldwide to
create and maintain beautiful websites fast and efficiently.
2. Technical Description:
This is a stored XSS vulnerability in the author field shown when publishing an article.
It has been tested on the latest versions of the Brave and Firefox browsers.
It is believed to affect any user who clicks the "Read More" button of the affected article, and
it can be exploited by any user who is able to create or modify articles.
3. Proof Of Concept:
a) Start by creating a new article. In the author field write your script like so:
<script>alert(1)</script>
b) Save and publish the article.
c) A user who clicks the "Read More" button gets a popup saying '1'.
4. Solution:
Upgrade to the latest release.
http://www.opencms.org/en/home/news.html
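The general remedy for this class of bug is to HTML-encode the author value where the detail view writes it out, and to review author values that are already stored. The following is an added example, not code from OpenCms or from the exploit author: the record layout, the HTML template and all function names are assumptions made for illustration, and the sample articles are constructed.

```python
import html
import re

# Constructed sample records standing in for stored articles (not real OpenCms data).
ARTICLES = [
    {"title": "Release notes", "author": "Jane Doe"},
    {"title": "Team update", "author": "<script>alert(1)</script>"},
    {"title": "Q&A", "author": "O'Neil & Sons"},
]

# Markup indicators: a tag opening, an inline event handler, or a javascript: URL.
SUSPICIOUS = re.compile(r"<\s*/?\s*[a-zA-Z!]|\bon\w+\s*=|javascript\s*:", re.IGNORECASE)

# Hypothetical detail-view template; the real OpenCms markup is not shown on this page.
TEMPLATE = '<div class="detail"><h1>{title}</h1><span class="author">{author}</span></div>'


def render_detail_unsafe(article):
    """Models the vulnerable pattern: the stored author value is emitted verbatim."""
    return TEMPLATE.format(title=html.escape(article["title"]), author=article["author"])


def render_detail_safe(article):
    """Hardened form: the author value is HTML-encoded at output time."""
    return TEMPLATE.format(
        title=html.escape(article["title"]),
        author=html.escape(article["author"], quote=True),
    )


def audit_authors(articles):
    """Return the titles of articles whose stored author value contains markup."""
    return [a["title"] for a in articles if SUSPICIOUS.search(a["author"])]


if __name__ == "__main__":
    for art in ARTICLES:
        print("unsafe:", render_detail_unsafe(art))
        print("safe:  ", render_detail_safe(art))
    print("review:", audit_authors(ARTICLES))
```

Encoding at output keeps legitimate names containing characters such as `&` or `'` readable while the stored script is displayed as text; the audit flags only the record whose author value carries markup.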
5. Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41447
https://github.com/Sidd545-cr/CVE/blob/main/CVE-2024-41447%20-%20Stored%20XSS%20in%20author%20field.pdf
http://alkacon.com
http://opencms.com