Monstra cms 3.0.4 - Persitent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Monstra cms 3.0.4 - Persitent Cross-Site Scripting Exploit Author: Wenming Jiang Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra Version: 3.0.4 Tested on: php 5.6,...

CVE-2018-10109

Monstra CMS 3.0.4 is affected by a stored XSS (CVE-2018-10109). An attacker with the editor role can inject a payload into the content section when creating a new page in the blog catalog; the payload is stored and later rendered, enabling JavaScript execution. Multiple sources corroborate the ed...