Stored cross-site scripting (also known as second-order or persistent XSS) arises when an application receives data from an untrusted source and includes that data within its later HTTP responses in an unsafe way.
Suppose a website allows users to submit comments on blog posts, which are displayed to other users. Users submit comments using an HTTP request like the following:
POST /post/comment HTTP/1.1
Host: vulnerable-website.com
Content-Length: 100

postId=3&comment=This+post+was+extremely+helpful.&name=Carlos+Montoya&email=carlos%40normal-user.net
After this comment has been submitted, any user who visits the blog post will receive the following within the application's response:
<p>This post was extremely helpful.</p>
Assuming the application doesn't perform any other processing of the data, an attacker can submit a malicious comment like this:
<script>/* Bad stuff here... */</script>
Within the attacker's request, this comment would be URL-encoded as:
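The comment flow described above, as an added example that is not part of the original page: the same stored comments are rendered once by plain concatenation (the vulnerable behaviour) and once with HTML encoding at output time. The function names and the in-memory list standing in for the database are assumptions made for illustration.

```python
import html
from urllib.parse import parse_qs, urlencode

# Constructed request bodies modelled on the page's example request.
FIELDS = {"postId": "3", "comment": "This post was extremely helpful.",
          "name": "Carlos Montoya", "email": "carlos@normal-user.net"}
BENIGN = urlencode(FIELDS)
HOSTILE = urlencode({**FIELDS, "comment": "<script>/* Bad stuff here... */</script>"})


def store_comment(db, body):
    """Decode a form-encoded body and store the fields exactly as received."""
    form = parse_qs(body, keep_blank_values=True)
    db.append({"name": form["name"][0], "comment": form["comment"][0]})


def render_unsafe(db):
    """Vulnerable: stored text is concatenated into the response unchanged,
    so markup in a comment becomes markup in every later visitor's page."""
    return "".join(f"<p>{row['comment']}</p>" for row in db)


def render_safe(db):
    """Hardened: encode at output time, so stored text is displayed as text."""
    return "".join(f"<p>{html.escape(row['comment'], quote=True)}</p>" for row in db)


if __name__ == "__main__":
    db = []  # hypothetical stand-in for the application's comment table
    store_comment(db, BENIGN)
    store_comment(db, HOSTILE)
    print("unsafe:", render_unsafe(db))
    print("safe:  ", render_safe(db))
```

Encoding when the data is written into the response, rather than when it is stored, also covers rows that were saved before the fix was deployed.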
MyBB, formerly known as MyBulletinBoard, is an open-source forum software written in PHP. It allows users to set up and manage their own online communities where people can post discussions, share information, ask questions, and interact with each other. MyBB provides various features such as user registration and profiles, customizable themes and templates, private messaging, moderation tools, and plugins/extensions for additional functionality. It's popular among website owners who want to create vibrant online communities without extensive programming knowledge, thanks to its user-friendly interface and extensive customization options.
Log in to MyBB
Download and execute the Python script (./script.py) to enumerate potentially vulnerable MyBB plugins