mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
1.0 KiB
1.0 KiB
CVE-2024-29183
&color=brighgreen)
Description
OpenRASP is a RASP solution that directly integrates its protection engine into the application server by instrumentation. There exists a reflected XSS in the /login page due to a reflection of the redirect parameter. This allows an attacker to execute arbitrary javascript with the permissions of a user after the user logins with their account.
POC
Reference
- https://securitylab.github.com/advisories/GHSL-2023-253_openrasp
- https://securitylab.github.com/advisories/GHSL-2023-253_openrasp
Github
No PoCs found on GitHub currently.