Closed Lilc1 closed 5 years ago
Adding code options in the Preferences other page via /MineWebCMS/admin/configuration results in Stored XSS.
The image only shows the acquisition of cookies, this vulnerability can also be used for intranet detection, keyloggers and other operations.
duplicate https://github.com/MineWeb/MineWebCMS/issues/123
Eywek
commented
5 years ago Eywek
commented
5 years ago
Adding code options in the Preferences other page via /MineWebCMS/admin/configuration results in Stored XSS.
The image only shows the acquisition of cookies, this vulnerability can also be used for intranet detection, keyloggers and other operations.