Giters

bigzooooz / CVE-2022-31300

Haraj Script 3.7 - DM Section Authenticated Stored XSS

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2022-31300

Haraj Script 3.7 - DM Section Authenticated Stored XSS

Exploit Title: Haraj Script 3.7 - Authenticated Stored XSS

Date: 2022-06-13

CVE: CVE-2022-31300

Exploit Author: Abdulaziz Saad (@b4zb0z)

Vendor Homepage: https://angtech.org/

Software Link: https://angtech.org/product/view/3

Version: 3.7

Tested on: LAMP, Ubuntu

[#] Exploitation : exploit DM messages section with js payload by manipluating and repeating sent request via Burpsuite or DevTools

About

Haraj Script 3.7 - DM Section Authenticated Stored XSS