- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 18979
- Проверка EDB
-
- Пройдено
- Автор
- HENRY HOGGARD
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2012-06-03
Код:
# Title: Vanilla Poll 0.9 Stored XSS
# Date: 1/6/12
# Author: Henry Hoggard
# Author URL: henryhoggard.co.uk
# Author Twitter: @henryhoggard
# Software: Vanilla Version 2.0.18.4 + Vanilla Poll 0.9
# http://vanillaforums.org/download
# http://vanillaforums.org/addon/poll-plugin
# Exploit-DB Note:
# User must have proper privileges to attach
# a poll to a discussion
To create the XSS firstly create a new thread.
Once the thread is made press attach the poll and either enter the XSS in the title or the answers of the poll.
The XSS I used is
<script>alert('xss')</script>
#############################################################- Источник
- www.exploit-db.com
