3 matches found
CVE-2020-29469
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
CVE-2020-29469
CVE-2020-29469 affects WonderCMS 3.1.3 with a cross-site scripting (XSS) flaw in the Menu component. The vulnerability lets an attacker inject arbitrary scripts via the Menu settings, which are then executed when users visit the site directory, enabling cookie theft per the documented payload exa...
WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'menu' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Contact: https://www.linkedin.com/in/hemantsolo/ CVE: CVE-2020-29469 Attac...