Genel, Slider, Web Güvenliği, Yazılarım

Airties AIR5444TT / Airties AIR5444 Cross-Site Scripting

Yazılarımı Paylaşabilirsiniz
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

 

 

CVE-ID: CVE-2018-8738

Exploit-DB-ID: 44986

NVD: CVE-2018-8738

 

What is XSS:

Reflected Cross-site Scripting (XSS) occur when an attacker injects browser executable code within a single HTTP response. The injected attack is not stored within the application itself; it is non-persistent and only impacts users who open a maliciously crafted link or third-party web page. The attack string is included as part of the crafted URL or HTTP parameters, improperly processed by the application, and returned to the victim.

 

Watch PoC;

 

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

2 thoughts on “Airties AIR5444TT / Airties AIR5444 Cross-Site Scripting

Bir cevap yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir