Stored XSS in Frog CMS (Open Source)

Greetings ,


While looking for CVE i decided to pick an open source CMS (content management system) which is Frog CMS can be found here : https://github.com/philippe/FrogCMS .


So i started setting up my localhost with frog CMS. After that i quickly logged into my frog cms account.
And there i saw an option to add "New Snippet" . I click on that and used this payload "><Svg OnLoad=(confirm)(1)> and saved that payload. After that a xss popup appear on my browser.




Thant's all folks


Comments

Popular posts from this blog

Another XSS on Frog CMS (Open Source)