yogeshojha / rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
https://yogeshojha.github.io/rengine/
GNU General Public License v3.0
7.17k stars 1.09k forks

XSS Stored #1269

Open shubhamdupare6 opened 1 month ago

shubhamdupare6 commented 1 month ago

Is there an existing issue for this?

Current Behavior

image

Expected Behavior

Vulnerable to XSS

Steps To Reproduce

Add XSS payload in Vulnerable URL

Environment

- reNgine: 2.0.6
- OS: UBUNTU 20.04
- Python: 3.11.0

Anything else?

https://portswigger.net/web-security/cross-site-scripting/stored

github-actions[bot] commented 1 month ago

👋 Hi @shubhamdupare6, Issues is only for reporting a bug/feature request. Please read documentation before raising an issue https://rengine.wiki For very limited support, questions, and discussions, please join reNgine Discord channel: https://discord.gg/azv6fzhNCE Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.

yogeshojha commented 1 week ago

Hi @shubhamdupare6 which url is vulnerable?