Not a bug Xenforo 2.2.13 - Authenticated Stored XSS

T

topkurs2

Active member
Affected version
2.2.13
www.exploit-db.com

Xenforo Version 2.2.13 - Authenticated Stored XSS

Xenforo Version 2.2.13 - Authenticated Stored XSS.. webapps exploit for PHP platform
www.exploit-db.com www.exploit-db.com
vulners.com

Xenforo Version 2.2.13 - Authenticated Stored XSS Vulnerability - exploit database | Vulners.com

Vulners - Vulnerability DataBase
vulners.com
# Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS
# Exploit Author: Furkan Karaarslan
# Category : Webapps
# Vendor Homepage: https://x.com/admin.php?smilies
# Version: 2.2.12 (REQUIRED)
# Tested on: Windows/Linux
Click to expand...
 
This isn’t really any more of an attack vector than many other places in the admin control panel.

In future, however, if you suspect there is a vulnerability that might need attention, it isn’t ever wise to post it in public.

Please submit a ticket or contact us from the contact form.
 
Chris D said:
In future, however, if you suspect there is a vulnerability that might need attention, it isn’t ever wise to post it in public.
Click to expand...
Thank you for your attention and research this. This bug was publihed in twitter and the most popular site with vulnerabilities exploit-db. So there is no point in hiding on xenforo.com.
 

Similar threads

S
Not a bug STORED XSS IN BBCODE
Replies
2
Views
1K
RisteDimitrievski
R
Back
Top Bottom