mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
691 B
691 B
CVE-2018-15677
Description
The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF.
POC
Reference
- https://rastating.github.io/xbtit-multiple-vulnerabilities/
- https://rastating.github.io/xbtit-multiple-vulnerabilities/
Github
No PoCs found on GitHub currently.