New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add so plannig xss #9700
add so plannig xss #9700
Conversation
Hi @Kazgangap the matcher looks weak , is it possible to update the matcher Thanks |
hi @DhiyaneshGeek |
Hi @Kazgangap Yeah looks like authentication is involved, if you can update the template with Login Request and update additional matcher. it will be great Thanks |
Hello again @DhiyaneshGeek
|
Hi @Kazgangap Thank you so much for sharing the updated template Can you raise a New PR for Default Login for this SOPlanning , that will be a great addition 😄 |
Template / PR Information
add soplannig 1.52.00 xss vuln
https://packetstormsecurity.com/files/178434/SOPlanning-1.52.00-Cross-Site-Scripting.html
SOPlanning v1.52.00 is vulnerable to XSS via the 'groupe_id' parameters a remote unautheticated attacker can hijack the admin account or other users. The remote attacker can hijack a users session or credentials and perform a takeover of the entire platform.
Template Validation
I've validated this template locally?
Additional Details (leave it blank if not applicable)
Additional References: