Submit #67: WolfCMS | Cross Site Scripting | v0.8.3.1 and beforeinfo

Title	WolfCMS \| Cross Site Scripting \| v0.8.3.1 and before
Description	WolfCMS v0.8.3.1 and before is vulnerable to cross site scripting in module User Add for parameter Name. Impacted URL is http://[your_webserver_ip]/wolfcms/?/admin/user/add Payload used for proof-of-concept is "TestXSS><img src=x onmousover=alert(document.cookie)> Further details available here - https://github.com/wolfcms/wolfcms/issues/683
Source	⚠️ https://github.com/wolfcms/wolfcms/issues/683
User	pramodrana (UID 2935)
Submission	05/07/2019 14:27 (7 years ago)
Moderation	05/16/2019 09:26 (9 days later)
Status	Accepted
VulDB entry	135125 [WolfCMS up to 0.8.3.1 User Add add Name cross site scripting]
Points	19

Interested in the pricing of exploits?

See the underground prices here!