Lucene search
JosefjkuBCE84C02-ABB2-474F-A67B-1468C9DCABB8HistoryFeb 14, 2023 - 2:28 p.m.
stored XSS in the Category Field Name
2023-02-1414:28:31
josefjku
www.huntr.dev
2
stored xss
category field
bypass possibility
mitigations
0.001 Low
EPSS
Percentile
23.5%
Hello,
After all XSS Mitigations, I detected a XSS Bypass Possibility in the Naming of the category.
Let’s see :)
A stored XSS through this Payload
Thank you for watching :)
Related
veracode
veracode
Cross-Site Scripting (XSS)
2023-04-20 16:36:03
osv
osv
CVE-2023-1885
2023-04-05 17:15:07
cvelist
cvelist
CVE-2023-1885 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2023-04-05 00:00:00
github
github
cve
cve
CVE-2023-1885
2023-04-05 17:15:07
nvd
nvd
CVE-2023-1885
2023-04-05 17:15:07
prion
prion
Cross site scripting
2023-04-05 17:15:00
openvas
openvas
phpMyFAQ < 3.1.12 Multiple Vulnerabilities
2023-04-04 00:00:00