# Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting # Author: Pablo Santiago # Date: 2019-11-14 # Vendor Homepage: https://www.vocabularyserver.com/ # Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download # Version: 3.0 # CVE : 2019–14343 # Reference: https://medium.com/@Pablo0xSantiago/cve-2019-14343-ebc120800053 # Tested on: Windows 10 #Description: The parameter "value" its vulnerable to Stored Cross-site scripting.. #Payload: “>