CVE-2024-24131 PoC — Superwebmailer 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-24131.yaml

Associated Vulnerability

Title:Superwebmailer 跨站脚本漏洞 (CVE-2024-24131)
Description:Superwebmailer是一个基于 Web 的 PHP 通讯软件，用于通讯收件人管理，发送 HTML 通讯，生日电子邮件。 Superwebmailer v9.31.0.01799版本存在跨站脚本漏洞，该漏洞源于组件api.php存在跨站脚本漏洞。

Description

SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php.

File Snapshot


 id: CVE-2024-24131

info:
  name: SuperWebMailer 9.31.0.01799 - Cross-Site Scripting
  author: Dhiya

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!