Log Viewer XSS ?
-
Hi.
404 Log viewer seems to be vulnerable with following url :
“https://www.example.com/example.any?name=lkjdfa&oij=iqx6mA%3D%3D§ions=All<script>alert(12345)</script>z”
you can see an alert with “12345” in it when accessing Log page in itheme security, it’s not working if run this url in browser and it should run in curl and then go to log page.
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘Log Viewer XSS ?’ is closed to new replies.
