Auth Stored XSS in Vik Rent Car 1.1.1
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
CVE | CVE-2021-24519 | 16 Aug 202111:15 | โ | cve |
Cvelist | CVE-2021-24519 Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS) | 16 Aug 202110:48 | โ | cvelist |
CNVD | WordPress VikRentCar Car Rental Management System plugin cross-site scripting vulnerability | 18 Aug 202100:00 | โ | cnvd |
NVD | CVE-2021-24519 | 16 Aug 202111:15 | โ | nvd |
Prion | Cross site scripting | 16 Aug 202111:15 | โ | prion |
WPVulnDB | Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS) | 19 Jul 202100:00 | โ | wpvulndb |
Add or Edit a Characteristic (/wp-admin/admin.php?option=com_vikrentcar&task=carat)) with the following payload in the 'Text Next to Icon' field: <script>alert(/XSS/)</script>
Then view the Characteristics List to trigger the XSS
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo