FlatPress 1.0 Cross Site Scripting

2015-04-24T00:00:00
ID PACKETSTORM:131611
Type packetstorm
Reporter Provensec
Modified 2015-04-24T00:00:00

Description

                                        
                                            `# Affected software: FlatPress 1.0  
# Type of vulnerability:stored xss  
# URL:http://www.opensourcecms.com/scripts/details.php?scriptid=77&name=FlatPress  
# Discovered by: provensec  
# Website: provensec.com  
  
#version: FlatPress 1.0  
# Proof of concept  
  
adding a new entry with xss payload will lead to stored cross site scripting  
  
screenshot:http://prntscr.com/6xi3n3  
`