cve/2020/CVE-2020-25399.md

CVE-2020-25399

Description

Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.

POC

Reference

• https://github.com/h3llraiser/CVE-2020-25399
• https://github.com/h3llraiser/CVE-2020-25399

Github

• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/h3llraiser/CVE-2020-25399
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/nomi-sec/PoC-in-GitHub