dEEpEst Posted February 28, 2018 Share Posted February 28, 2018 [HIDE-THANKS]###################################################################################### # Exploit Title: Facebook Clone Script 1.0.5 - Stored XSS # Date: 07.02.2018 # Vendor Homepage: This is the hidden content, please Sign In or Sign Up # Software Link: This is the hidden content, please Sign In or Sign Up # Category: Web Application # Exploit Author: Prasenjit Kanti Paul # Web: This is the hidden content, please Sign In or Sign Up # Version: 1.0.5 # Tested on: Linux Mint # CVE: CVE-2018-6858 ####################################################################################### Proof of Concept ================= 1. Login as a user 2. Goto "Comment" option of any post 3. Put "" as comment 4. You will be having a popup "PKP"[/HIDE-THANKS] Link to comment Share on other sites More sharing options...
Recommended Posts