CVE-2019-13633

EIP tracks 1 public exploit for CVE-2019-13633. PoCs published by Security-AVS.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2019-13633, a Blind/Persistent XSS vulnerability in Blinger.io v.1.0.2519. The vulnerability allows attackers to execute arbitrary JavaScript code via built-in communication channels, affecting multiple administrative panels.

Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in communication channel, such as Telegram, WhatsApp, Viber, Skype, Facebook, Vkontakte, or Odnoklassniki. This is mishandled within the administration panel for conversations/all, conversations/inbox, conversations/unassigned, and conversations/closed.