Cross-site Scripting (XSS) - Stored in patrowl/patrowlmanager
Dec 8th 2021
PatrOwl is vulnerable to stored XSS in asset group name. The payload will be triggered when someone try to delete the asset group.
Proof of Concept