You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Brief Summary:
In order to exploit this vulnerability you must go to the blog of the targeted site. Create an account and sign in. Once signed in you change your username to the payload you are wishing to use. Ex: <script>alert("Hacked");</script>
Dork: "Powered by elefant cms 1.3.6"
Affected:
https://github.com/jbroadway/elefant/archive/elefant_1_3_6_beta.tar.gz
Other versions haven't been tested.
Brief Summary:
In order to exploit this vulnerability you must go to the blog of the targeted site. Create an account and sign in. Once signed in you change your username to the payload you are wishing to use. Ex: <script>alert("Hacked");</script>
POC:
http://prntscr.com/2w7krs
Hope this helps and is fixed - Anon
The text was updated successfully, but these errors were encountered: