Another XSS on Frog CMS (Open Source)

Greetings ,

This blog is also about my second finding on the Frog CMS , While testing i visited the forgot password page.
First i tried some random things for abusing that functionality but i got nothing.
After that i entered the following payload "><svg/onload=prompt(1)> and entered. The xss popup started showing on my browser.

That's all folks. Please share this blog with everyone.

Comments

Popular posts from this blog

Stored XSS in Frog CMS (Open Source)