Monday 27 August 2012

[EN] Reflected XSS in latest e107 CMS (1.0.1)

Hi ;)

Some one asked me about this case in mail, so here is the answer:


1. Go to 'register' page:


2. As Your e-mail confirmation, add yourm@il +  code from screen nr 3:




3. View from Burp Proxy:



4. ... and another one, parameters:



Cheers ;)

o/

No comments:

Post a Comment

What do You think...?