CVE-2020-13888 Kordil EDMS through 2.2.60rc3 allows stored XSS

1) Browse through the Kordil EDMS application

2) Update the Home address field present under the user management tab with XSS payload

3) Save the the page

4) And go to the page where the entered details will be reflected and now you wil see the XXS payload getting executed

Leave a Reply

Your email address will not be published. Required fields are marked *