mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-05 06:38:06 +02:00
0xMarcio
978 B
978 B
CVE-2022-1439
&color=brighgreen)
Description
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction.