VULHUB ™

### 简要描述： 最新版通达OA几处存储型XSS ### 详细说明： 测试版本：下载 通达OA 2013增强版(125MB) 下载地址：http://www.tongda2000.com/download/2013adv.php 更新于 2013-12-26 13:30 1、讨论区发帖处发帖内容存储型XSS [<img src="https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png" alt="xss.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png) 2、回答“OA知道”问题时以源码方式编辑存在存储型XSS： [<img src="https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png" alt="xss1.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png) [<img src="https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png" alt="xss2.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png) ### 漏洞证明： [<img...

### 简要描述： 最新版通达OA几处存储型XSS ### 详细说明： 测试版本：下载 通达OA 2013增强版(125MB) 下载地址：http://www.tongda2000.com/download/2013adv.php 更新于 2013-12-26 13:30 1、讨论区发帖处发帖内容存储型XSS [<img src="https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png" alt="xss.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png) 2、回答“OA知道”问题时以源码方式编辑存在存储型XSS： [<img src="https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png" alt="xss1.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png) [<img src="https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png" alt="xss2.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png) ### 漏洞证明： [<img src="https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png" alt="xss.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/1410243747186821760fc782be9d4599333a72e2.png) [<img src="https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png" alt="xss1.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/1410253292471b52f06ac6de55009b144d646128.png) [<img src="https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png" alt="xss2.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/141025451331af4a2c79e1b3d32ac2e97c7acec7.png)