Description:
A cross site scripting (XSS) vulnerability in AuraCMS may allow remote attackers (users) to inject arbitrary Web scripts through the source editor, which will cause an attacker (user) to get the administrator's cookie and log in to the administrator interface.
Attack Impact:
This can be used to perform operations on an administrator (or any user leaving a message on the site) and can lead to hijacking an administrator's cookie.
The text was updated successfully, but these errors were encountered:
Description:
A cross site scripting (XSS) vulnerability in AuraCMS may allow remote attackers (users) to inject arbitrary Web scripts through the source editor, which will cause an attacker (user) to get the administrator's cookie and log in to the administrator interface.
Vulnerability Type: Stored XSS
Attack Vectors:
1.Open AuraCMS as a user
Attack Impact:
This can be used to perform operations on an administrator (or any user leaving a message on the site) and can lead to hijacking an administrator's cookie.
The text was updated successfully, but these errors were encountered: