CVE-2022-31300
Haraj Script 3.7 - DM Section Authenticated Stored XSS
Exploit Title: Haraj Script 3.7 - Authenticated Stored XSS
Date: 2022-06-13
CVE: CVE-2022-31300
Exploit Author: Abdulaziz Saad (@b4zb0z)
https://angtech.org/
Vendor Homepage:https://angtech.org/product/view/3
Software Link:Version: 3.7
Tested on: LAMP, Ubuntu
[#] Exploitation : exploit DM messages section with js payload by manipluating and repeating sent request via Burpsuite or DevTools