Cross-site Scripting (XSS) - Reflected in erikdubbelboer/phpredisadmin
Aug 23rd 2021
The application is vulnerable to an XFS attack.
🕵️‍♂️ Proof of Concept
Navigate to https://domain.tld/phpRedisAdmin/?https://www.eia.gov/state/maps
The page https://www.eia.gov/state/maps.php will be loaded in an iframe on the page.
We have contacted a member of the erikdubbelboer/phpredisadmin team and are waiting to hear back 2 years ago
Erik Dubbelboer marked this as fixed with commit e24eca 2 years ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
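The report shows a query string being used as the source of an iframe. The following is an added example, not phpRedisAdmin's code and not the fix in the commit above: it shows one way to constrain such a value with an exact-match allowlist of local page names. The page names, the constant and the function name are hypothetical, and the `.php` suffix handling is assumed from the behaviour described in the proof of concept.

```php
<?php
// Added example, not phpRedisAdmin's code. Page names below are hypothetical.
const ALLOWED_FRAME_PAGES = ['overview', 'view', 'edit'];

/**
 * Map a raw query string such as "view&key=foo" to a local iframe URL.
 * Anything that is not an allowlisted page name falls back to the default.
 */
function frame_target(string $queryString, string $default = 'overview.php'): string
{
    if ($queryString === '') {
        return $default;
    }
    // First segment selects the page; the remainder holds its parameters.
    $parts = explode('&', $queryString, 2);
    $page = rawurldecode($parts[0]);

    // Exact match against the allowlist: rejects schemes, "//host", "../", etc.
    if (!in_array($page, ALLOWED_FRAME_PAGES, true)) {
        return $default;
    }

    $target = $page . '.php';
    if (isset($parts[1]) && $parts[1] !== '') {
        // Re-encode the parameters instead of passing the raw string through.
        parse_str($parts[1], $params);
        $target .= '?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
    }
    return $target;
}

// Constructed sample inputs; the second is the query string from the report.
$samples = [
    'view&key=user%3A1',
    'https://www.eia.gov/state/maps',
    '//example.invalid/x',
    '',
];
foreach ($samples as $qs) {
    // Escape for the HTML attribute context when emitting the iframe.
    $src = htmlspecialchars(frame_target($qs), ENT_QUOTES, 'UTF-8');
    echo '<iframe src="' . $src . '"></iframe>', PHP_EOL;
}
```

Only the first sample keeps its page name; the other three resolve to `overview.php`, so no external origin can reach the `src` attribute.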