mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-11 12:37:41 +02:00
0xMarcio
767 B
767 B
CVE-2021-23929
Description
OX App Suite through 7.10.4 allows XSS via a crafted Content-Disposition header in an uploaded HTML document to an ajax/share/?delivery=view URI.
POC
Reference
- https://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html
- https://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html
Github
No PoCs found on GitHub currently.