CVE-2022-47373

Reflected Cross Site Scripting Vulnerability in PandoraFMS <= v766

> Exploit Title: Reflected Cross Site Scripting

> Date: 15/02/2023

> Exploit Author: Gaurish Kauthankar

> Vendor Homepage: https://pandorafms.com/en/

> Software Link: https://github.com/pandorafms/pandorafms

> Version: <= v766

> Tested on: Ubuntu

> CVE : CVE-2022-47373

Steps to reproduce:

Add xss payload in the search functionality present in module library section.
Observe payload execution.
Now share the url containing xss payload with the victim user to steal cookies, redirecting to evil website, etc.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Repository files navigation

CVE-2022-47373

> Exploit Title: Reflected Cross Site Scripting

> Date: 15/02/2023

> Exploit Author: Gaurish Kauthankar

> Vendor Homepage: https://pandorafms.com/en/

> Software Link: https://github.com/pandorafms/pandorafms

> Version: <= v766

> Tested on: Ubuntu

> CVE : CVE-2022-47373

Steps to reproduce:

About

Releases

Packages

Argonx21/CVE-2022-47373

Folders and files

Latest commit

History

README.md

README.md

Repository files navigation

CVE-2022-47373

> Exploit Title: Reflected Cross Site Scripting

> Date: 15/02/2023

> Exploit Author: Gaurish Kauthankar

> Vendor Homepage: https://pandorafms.com/en/

> Software Link: https://github.com/pandorafms/pandorafms

> Version: <= v766

> Tested on: Ubuntu

> CVE : CVE-2022-47373

Steps to reproduce:

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages