#1235 new
Narendra Bhati

XSS In Exponent 2.3.1

Reported by Narendra Bhati | November 16th, 2014 @ 11:22 AM | in User issues

Cross Site Scripting In 2.3.1

POC Video - http://youtu.be/deBudfiZmYY

URL - http://127.0.0.1/exponent/file/picker/ajax_action/1/update/noupdate...

Payload - ">

Severity - High

Exploitation- Remotely

POC Is Attached With This Ticket

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Bug Tracker for Exponent CMS

Shared Ticket Bins

People watching this ticket

Attachments

Tags

Pages