Cross-site Scripting (XSS) - Stored in pimcore/pimcore

✍️ Description pimcore is a Open Source Data & Experience Management Platform PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce this package is vulnerable for Stored XSS thru SEO menu 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of...

Academy-LMS 4.3 - Stored XSS

Exploit Title: Academy-LMS 4.3 - Stored XSS Date: 19/12/2020 Vendor page: https://academy-lms.com/ Version: 4.3 Tested on Win10 and Google Chrome Exploit Author: Vinicius Alves XSS Payload: 1 Access LMS and log in to admin panel 2 Access courses page 3 Open course manager and SEO menu 4 Paste the...