Open
Description
A Cross Site Scripting vulnerabilty exists in Pixelimity via the Page Title field in pixelimity/admin/pages.php?action=add_new
Step to exploit:
- Login as admin.
- Navigate to http://127.0.0.1/pixelimity/admin/pages.php and click on Add New.
- Insert XSS payload (<script>alert(1)</script>) in the "Title" field and click on Publish Page.
Proof of concept (Poc):
<script>alert(1)</script>Metadata
Assignees
Labels
No labels

