Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-31434 PoC — Evasys 跨站脚本漏洞

Source
https://github.com/trustcves/CVE-2023-31434
Associated Vulnerability
Title:Evasys 跨站脚本漏洞 (CVE-2023-31434)
Description:Evasys是德国Evasys公司的一个为在线、纸质和混合用途提供全自动调查和考试解决方案的平台。 Evasys v8.2 Build 2286之前版本和v9.0 Build 2401之前的v9.x版本存在安全漏洞,该漏洞源于没有验证输入,允许经过身份验证的攻击者在多个位置注入HTML代码和XSS。
File Snapshot

 [4.0K]  /data/pocs/db8b29f65a34428e6fe28efd7d636c27fe346512
├── [4.0K]  images
│   ├── [343K]  XSS_1.png
│   ├── [101K]  XSS_2.png
│   ├── [244K]  XSS_3.png
│   ├── [ 66K]  XSS_5.png
│   └── [ 52K]  XSS_6.png
└── [4.4K]  writeup.md

1 directory, 6 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.