mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-12 21:42:20 +02:00
0xMarcio
1010 B
1010 B
CVE-2022-1526
Description
A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. This affects the POST parameter handling of articles. The manipulation with the input <script>alert(1);</script> leads to cross site scripting. It is possible to initiate the attack remotely but it requires a signup and login by the attacker. The exploit has been disclosed to the public and may be used.
POC
Reference
- https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md
- https://vuldb.com/?id.198705
Github
No PoCs found on GitHub currently.