cve/2020/CVE-2020-9461.md

CVE-2020-9461

Description

Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated user. The FolderName parameter of the Media.CreateFolder command is vulnerable.

POC

Reference

• https://guilhermerubert.com/blog/cve-2020-9460/

Github

• https://github.com/0xT11/CVE-POC
• https://github.com/ARPSyndicate/cvemon
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/g-rubert/CVE-2020-9461
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/soosmile/POC