Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-26710 PoC — Redwood Report2Web 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-26710.yaml
Associated Vulnerability
Title:Redwood Report2Web 跨站脚本漏洞 (CVE-2021-26710)
Description:Redwood Report2Web是美国Redwood公司的一个可为用户提供自动化生成报告功能的Web平台。 Redwood Report2Web 4.3.4.5 and 4.5.3 存在跨站脚本漏洞,该漏洞源于登录面板XSS问题,远程攻击者可利用该漏洞可以通过登录注入JavaScript
Description
Redwood Report2Web 4.3.4.5 and 4.5.3 contains a cross-site scripting vulnerability in the login panel which allows remote attackers to inject JavaScript via the signIn.do urll parameter.
File Snapshot

 id: CVE-2021-26710

info:
  name: Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting
  author

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.