I found a Stored XSS in Admin Panel's categories page, http://192.168.255.128:8000/admin/categories
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user.
Steps to reproduce the problem
1. Install and log in to the website.
2. Go to Admin Panel and click the Categories button.
3. Click any category (e.g. General) or add a new category you want.
4. Paste the payload `<svg/onload=alert('xss_test')>` into Friendly URL, then save it.

There is a Stored XSS triggered.
Bludit version
3.13.1
PHP version
PHP version: 7.2.24
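
The following is an added example, not part of the original report and not Bludit's own code: one way to close this class of bug is to allow-list the Friendly URL when it is saved and to HTML-encode it whenever it is rendered. The function names `normalizeFriendlyUrl` and `escapeHtml` are hypothetical, and the example assumes ASCII-only slugs.

```php
<?php
// Added example: hypothetical helpers, not Bludit's own functions.

/**
 * Normalise a user-supplied "Friendly URL" to an allow-listed slug
 * before it is stored. Anything outside [a-z0-9] becomes a dash, so
 * markup characters such as < > / = ' never reach the database.
 * Assumption: slugs are ASCII-only.
 */
function normalizeFriendlyUrl(string $input, int $maxLen = 64): string
{
    $slug = strtolower(trim($input));
    $slug = preg_replace('/[^a-z0-9]+/', '-', $slug); // collapse disallowed runs
    $slug = trim(substr($slug, 0, $maxLen), '-');     // cap length, drop edge dashes
    if ($slug === '') {
        throw new InvalidArgumentException('Friendly URL contains no usable characters');
    }
    return $slug;
}

/**
 * Encode a stored value for an HTML text or quoted-attribute context.
 * Applied at render time even to values that were validated on input,
 * because rows saved before the validation existed may still hold markup.
 */
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed inputs: the payload from the report plus ordinary values.
$samples = ["<svg/onload=alert('xss_test')>", 'General', '  My New Category ', '<>'];

foreach ($samples as $raw) {
    try {
        $stored = normalizeFriendlyUrl($raw);
    } catch (InvalidArgumentException $e) {
        $stored = '(rejected)';
    }
    // Left: the raw value as it would render once escaped; right: the slug saved.
    printf("%-50s -> %s\n", escapeHtml($raw), $stored);
}
```

Validation on save and encoding on output are both kept because either one alone leaves a gap: encoding alone still stores markup in a field meant to be a URL segment, and validation alone does not cover values saved before it was introduced.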