Web Vulnerability Report
ID | EDB-ID-48791 |
CVSS 3.0 | N/A |
Cloudbric Score
?
|
Low |
Cloudbric Detection | Yes |
Vulnerability Type | Cross-Site Scripting |
Published Date | 2020-09-07 |
Updated Date | 2020-10-29 |
Vendor | 0.11.12 |
Description | Create a user account under django administrator account and login as user to perform the attack. Create a new instance and save the instances, Navigate to Services. Create a new Service from then input a Name and Url (for POC i used BlindXSS in both columns). Then append the admin account in Users to notify column and use status check and instances then save. Now the admin account gets a notification when the admin runs the check Blind XSS executes in background. when login to xsshunter.com we can see the screenshots cookies and all details of admin account. |
Reference | N/A |
URL Link | https://www.exploit-db.com/exploits/48791/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now