mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-28 15:31:27 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2022-1526
Description
A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. This affects the POST parameter handling of articles. The manipulation with the input <script>alert(1);</script> leads to cross site scripting. It is possible to initiate the attack remotely but it requires a signup and login by the attacker. The exploit has been disclosed to the public and may be used.
POC
Reference
- https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting%28XSS%29.md
- https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md
- https://vuldb.com/?id.198705
Github
No PoCs found on GitHub currently.