Thursday, 18 July 2019

XSS in TestLink 1.9.19

Last time we talked about automating Burp scans to find a few more low-hanging fruits during bug hunting. Today we will try to achieve similar results - this time for the latest TestLink (1.9.19, available at Bitnami). Here we go...
We will start here:

The scenario is pretty simple, like during our last adventure, so below you will find a quick PoC for XSS-over-GET:

That's all. Maybe you'll find it useful ;)

See you next time!

