Welcome to

色豹随心笔记

首页 / XSS / Cross-site scripting (XSS) vulnerability in CMS Made Simple 2.1.6

Cross-site scripting (XSS) vulnerability in CMS Made Simple 2.1.6

in adminpage > Design Manager > Categories options  Create a new Category Desciption filed  has xss vulnerability 


first create a new catagory

and in Description write the payload </textarea><svg/onload=alert(0)> and submit the catagory


3.png


then when you  edit the category  the description filed has xss vulnerability



本文暂无评论

发表评论

您的电子邮件地址不会被发布。

>> <<