cve/CVE-2019-13972.md at 49bdc782b38d7d6d975377fc69b0c94bc5c39b3a - cve - 临风笛

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

663 B

Raw Blame History

CVE-2019-13972

Description

LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title variable, a related issue to CVE-2019-17997.

POC

Reference

http://blog.topsec.com.cn/%E5%A4%A9%E8%9E%8D%E4%BF%A1%E5%85%B3%E4%BA%8Elayerbb-1-1-3-xss%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/

Github

No PoCs found on GitHub currently.