Not a bug Xenforo 2.2.13 - Authenticated Stored XSS

topkurs2 · Jun 28, 2023

Xenforo Version 2.2.13 - Authenticated Stored XSS

Xenforo Version 2.2.13 - Authenticated Stored XSS.. webapps exploit for PHP platform

www.exploit-db.com

Xenforo Version 2.2.13 - Authenticated Stored XSS Vulnerability - exploit database | Vulners.com

Vulners - Vulnerability DataBase

vulners.com

# Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS
# Exploit Author: Furkan Karaarslan
# Category : Webapps
# Vendor Homepage: https://x.com/admin.php?smilies
# Version: 2.2.12 (REQUIRED)
# Tested on: Windows/Linux

Chris D · Jun 28, 2023

This isn’t really any more of an attack vector than many other places in the admin control panel.

In future, however, if you suspect there is a vulnerability that might need attention, it isn’t ever wise to post it in public.

Please submit a ticket or contact us from the contact form.

topkurs2 · Jun 28, 2023

Chris D said:
In future, however, if you suspect there is a vulnerability that might need attention, it isn’t ever wise to post it in public.

Thank you for your attention and research this. This bug was publihed in twitter and the most popular site with vulnerabilities exploit-db. So there is no point in hiding on xenforo.com.

Not a bug Xenforo 2.2.13 - Authenticated Stored XSS

topkurs2

Active member

Xenforo Version 2.2.13 - Authenticated Stored XSS

Xenforo Version 2.2.13 - Authenticated Stored XSS Vulnerability - exploit database | Vulners.com

Chris D

XenForo developer

topkurs2

Active member

Similar threads

We value your privacy