concrete5: Stored XSS on Blog's page Tile

2015-03-08T08:16:59
ID H1:50552
Type hackerone
Reporter ishahriyar
Modified 2015-07-08T18:37:36

Description

In blog page Custom Title Text , xss payload can be executed and saved permanently . Poc: "><img src=x onerror=alert(1)>