Stored XSS in Frog CMS (Open Source)
Greetings ,
While looking for CVE i decided to pick an open source CMS (content management system) which is Frog CMS can be found here : https://github.com/philippe/FrogCMS .
So i started setting up my localhost with frog CMS. After that i quickly logged into my frog cms account.
And there i saw an option to add "New Snippet" . I click on that and used this payload "><Svg OnLoad=(confirm)(1)> and saved that payload. After that a xss popup appear on my browser.
Thant's all folks
While looking for CVE i decided to pick an open source CMS (content management system) which is Frog CMS can be found here : https://github.com/philippe/FrogCMS .
So i started setting up my localhost with frog CMS. After that i quickly logged into my frog cms account.
And there i saw an option to add "New Snippet" . I click on that and used this payload "><Svg OnLoad=(confirm)(1)> and saved that payload. After that a xss popup appear on my browser.
Thant's all folks
Comments
Post a Comment