Giters

Urban4 / CVE-2022-3992

Cross Site Scripting on sanitization-management-system

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2022-3992

Cross-Site Scripting in WonderCMS

Description: A cross-site scripting (XSS) vulnerability in Sanitization Management System v1.0 allows potential attackers to upload arbitrary files via a crafted name into the system logo Fields of the System Info Fields. The cookie has no HttpOnly Flag this could be used to steal the cookies of logged-in users. How To Reproduce: Screen Shot 2022-11-19 at 12 25 34 PM Screen Shot 2022-11-19 at 12 27 18 PM Screen Shot 2022-11-19 at 12 31 03 PM

About

Cross Site Scripting on sanitization-management-system