mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
773 B
773 B
CVE-2018-6506
Description
Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle field.
POC
Reference
- https://offensivehacking.wordpress.com/2018/02/07/minibb-forums-v3-2-2-stored-xss/
- https://offensivehacking.wordpress.com/2018/02/07/minibb-forums-v3-2-2-stored-xss/
Github
No PoCs found on GitHub currently.