CVE-2020-23761 Stored XSS vulnerability in subrion CMS Version <= 4.2.1

1) install subrion CMS version (4.2.1)

2) login into admin acccount

3) go to Financial tab and click on transactions

4) Select “add transaction” button and inject xss payload on the “payment gateway” column and save the entry

5) now come to the admin dashboard and you will see the XSS popping

Leave a Reply

Your email address will not be published. Required fields are marked *