Worksuite CMS - Multiple XSS

Our sensors found this exploit at:

Below is a copy:

Worksuite CMS - Multiple XSS
# Title: Worksuite CMS - Multiple XSS
# Author: @Eawhitehat - Eren Arslan
# Vendor:
# Demo available :
# CVE: N/A


Used Payload : </script><svg onload=alert(1234)>

Demo : 
Admin : [email protected] 123456

Method :
Connect to panel,
Go to : 
Select or create one user : Entry random information in all category and paste to description the payload : </script><svg onload=alert(1234)>
Re-select your created users and look the payload loaded

Affected page : 

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.