cve/2022/CVE-2022-41441.md

CVE-2022-41441

Description

Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters.

POC

Reference

• http://packetstormsecurity.com/files/171557/ReQlogic-11.3-Cross-Site-Scripting.html
• https://okankurtulus.com.tr/2023/01/17/reqlogic-v11-3-unauthenticated-reflected-cross-site-scripting-xss/

Github

• https://github.com/ARPSyndicate/cvemon