Lucene search
Sayak NaskarEXPLOITPACK:5D0F9D985631C08FCCB87F0B7520D0CAHistoryFeb 11, 2020 - 12:00 a.m.
Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting
2020-02-1100:00:00
Sayak Naskar
30
EPSS
0.001
Percentile
46.0%
Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting
# Exploit Title: Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting
# Google Dork: N/A
# Date: 2020-02-10
# Exploit Author: Sayak Naskar
# Vendor Homepage: https://vanillaforums.com/en/
# Version: 2.6.3
# Tested on: Windows, Linux
# CVE : CVE-2020-8825
A Stored xss was found in Vanillaforum 2.6.3 .
index.php?p=/dashboard/settings/branding
# Proof of Concept:
An attacker will insert a payload on branding section. So, whenever an user will open the branding section then attacker automatically get all sensitive information of the user.Related
cvelist
cvelist
CVE-2020-8825
2020-02-10 11:14:37
zdt
zdt
Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting Vulnerability
2020-02-11 00:00:00
packetstorm
packetstorm
Vanilla Forum 2.6.3 Cross Site Scripting
2020-02-10 00:00:00
exploitdb
exploitdb
Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting
2020-02-11 00:00:00
nvd
nvd
CVE-2020-8825
2020-02-10 12:15:12
osv
osv
CVE-2020-8825
2020-02-10 12:15:12
cve
cve
CVE-2020-8825
2020-02-10 12:15:12
prion
prion
Cross site scripting
2020-02-10 12:15:00