Cross-site Scripting (XSS) - Reflected in sbrl/pepperminty-wiki
Sep 21st 2021
Stored XSS in action
🕵️♂️ Proof of Concept
- Navigate to "index.php?action=<script>alert(1);</script>&page=Main Page"
- See XSS executed
With this vulnerability, You can run arbitrary java script on all users.