### Brief description:
Several stored XSS issues in the latest version of Tongda OA
### Details:
Tested version: Tongda OA 2013 Enhanced Edition download (125MB)
Download URL: http://www.tongda2000.com/download/2013adv.php
Updated 2013-12-26 13:30
1. Stored XSS in the post body when creating a post in the discussion forum
![xss.PNG](https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png)
2. Stored XSS when answering an "OA Zhidao" question with the editor in source-code mode:
![xss1.PNG](https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png)
![xss2.PNG](https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png)
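Both findings share the same root cause: rich-text content submitted by a user (a forum post body, or an answer typed in the editor's source-code mode) is stored and later rendered to other users without being reduced to a safe subset of HTML. The following is an added example of the kind of server-side allowlist sanitizer that closes this class of bug; it is not code from Tongda OA and does not reflect how that product handles input. It assumes a hypothetical allowlist of formatting tags and attributes (adjust to what the editor actually needs), keeps text while dropping unknown tags, discards all `on*` event-handler attributes, and rejects `href`/`src` values whose scheme is not `http`, `https`, or a site-relative path.

```python
# Added example (not Tongda OA code): allowlist sanitizer for user-supplied
# rich text such as forum posts or Q&A answers edited in "source" mode.
# Run it on the server before storing the content (or at render time).
from html import escape
from html.parser import HTMLParser

# Hypothetical allowlist: tag -> attributes permitted on that tag.
ALLOWED_TAGS = {
    "p": set(), "br": set(), "b": set(), "i": set(), "u": set(),
    "strong": set(), "em": set(), "ul": set(), "ol": set(), "li": set(),
    "blockquote": set(),
    "a": {"href", "title"},
    "img": {"src", "alt", "width", "height"},
}
VOID_TAGS = {"br", "img"}          # never get a closing tag
DROP_WITH_CONTENT = {"script", "style"}  # tag *and* its text are removed
URL_ATTRS = {"href", "src"}


def safe_url(value):
    """Accept only http(s) URLs or site-relative paths.

    Whitespace and control characters are removed first because browsers
    ignore them inside a scheme ("java\tscript:" still runs as javascript:).
    """
    v = "".join(ch for ch in value if ord(ch) > 32).lower()
    if v.startswith(("http://", "https://")):
        return True
    return v.startswith("/") and not v.startswith("//")


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        # convert_charrefs=True gives us decoded text, which we re-escape
        # ourselves, so "&lt;script&gt;" in input cannot become a live tag.
        super().__init__(convert_charrefs=True)
        self.out = []
        self.open_tags = []   # allowed, non-void tags currently open
        self.dropping = None  # name of a script/style tag whose body we skip

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.dropping = tag
            return
        allowed = ALLOWED_TAGS.get(tag)
        if allowed is None:
            return  # unknown tag (div, iframe, svg, ...) is dropped, text kept
        parts = []
        for name, value in attrs:
            # Anything not allowlisted is dropped: onerror, onclick, style, ...
            if name not in allowed or value is None:
                continue
            if name in URL_ATTRS and not safe_url(value):
                continue  # javascript:, data:, protocol-relative, etc.
            parts.append(' %s="%s"' % (name, escape(value, quote=True)))
        self.out.append("<%s%s>" % (tag, "".join(parts)))
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag == self.dropping:
            self.dropping = None
            return
        if tag in VOID_TAGS or tag not in self.open_tags:
            return  # stray or unknown closing tag: ignore it
        # Close every tag opened after this one as well, so the output
        # stays well-formed even if the input was not.
        while self.open_tags:
            t = self.open_tags.pop()
            self.out.append("</%s>" % t)
            if t == tag:
                break

    def handle_data(self, data):
        if self.dropping:
            return  # body of <script>/<style> is discarded entirely
        self.out.append(escape(data, quote=False))

    def close(self):
        super().close()
        while self.open_tags:  # close anything the input left open
            self.out.append("</%s>" % self.open_tags.pop())


def sanitize_html(fragment):
    """Return a version of `fragment` containing only allowlisted markup."""
    p = AllowlistSanitizer()
    p.feed(fragment)
    p.close()
    return "".join(p.out)


if __name__ == "__main__":
    # Constructed sample of the kind of input a source-mode editor accepts.
    sample = '<p onclick="alert(1)">hello <script>alert(1)</script>' \
             '<img src="https://example.com/a.png" onerror="alert(1)"></p>'
    print(sanitize_html(sample))
```

Comments, processing instructions and declarations are discarded by the parser's defaults, so they never reach the output. The allowlist approach is deliberately preferred over a denylist of known-bad tags: new markup that the editor did not anticipate is dropped rather than passed through.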
### Proof of vulnerability:
![xss.PNG](https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png)
![xss1.PNG](https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png)
![xss2.PNG](https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png)