exploit-
intel
Search
Blog
Stats
Labs
Tools
Tools
EIP CLI Search Tool
EIP MCP Server
EIP REST API
API Rate Limits
About
About
About Exploit Intel
About Exploit Forge
Privacy Policy
RSS Feeds
Blog Posts
Recent CVEs
CVEs with Exploits
CISA KEV
Theme
Color Theme
Cyan
Amber
Milw0rm
Light Warm
Paper
Navy
Search
Blog
Statistics
Labs
Tools
EIP CLI Search Tool
EIP MCP Server
EIP REST API
API Rate Limits
About
About Exploit Forge
Privacy
Exploit Database
Researchers
CWE Categories
Vendors
Ecosystems
RSS Feeds
Blog Posts
Recent CVEs
CVEs with Exploits
CISA KEV
Follow:
Theme:
Home
/
Researchers
/
Jackson Henry
Jackson Henry
3
exploits
Active since Apr 2021
CVE-2021-43032
NOMISEC
MEDIUM
WRITEUP
XenForo <2.2.7 - XSS
In XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side.
2 stars
CVSS 4.8
View Code
CVE-2020-17453
NOMISEC
MEDIUM
WORKING POC
WSO2 Management Console <5.10 - XSS
WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.
2 stars
CVSS 6.1
View Code
CVE-2020-17453
INTHEWILD
MEDIUM
WORKING POC
WSO2 Management Console <5.10 - XSS
WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.
CVSS 6.1
View Code