# Affected software: gpeasy cms # Type of vulnerability:stored xss # URL:gpeasy.com # Discovered by: provensec # Website: provensec.com #version: gpEasy 4.4 # Proof of concept goto edit layout and fill filed with xss payload ">

and save it javascript will execute --20cf303f64d02dcd89051578f782 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

# Affected software:=A0gpeasy cms

# Type of vulne= rability:stored xss

# URL:gpeasy= .com

# Discovered by: provensec

# Website: provensec.com

#version:=A0g= pEasy 4.4

# Proof of concept

goto=A0

edit layout and fill = filed with xss payload=A0"><img src=3Dd onerror=3Dconfirm(1);>= ; and save it javascript will execute=A0