Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-41951 PoC — Montala ResourceSpace 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-41951.yaml
Associated Vulnerability
Title:Montala ResourceSpace 跨站脚本漏洞 (CVE-2021-41951)
Description:Montala ResourceSpace是英国Montala公司的一种开源数字资产管理工具。使用户能够组织他们的数字资产。 Montala ResourceSpace 9.5 和 9.6 rev 18277版本存在跨站脚本漏洞,攻击者可以通过让受害者访问精心制作的URL来执行恶意的JavaScript。
Description
ResourceSpace before 9.6 rev 18290 is affected by a reflected cross-site scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter.
File Snapshot

 id: CVE-2021-41951

info:
  name: Resourcespace - Cross-Site Scripting
  author: coldfish
  severity

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.